The NSA swears that it has ‘no backdoors’ in Next-Gen encryption

A group of Human rights lawyers and investigators this week called on The Hague to raise what would be the first ever charges of “cyber war crimes”. The group calls on the International Criminal Court to prosecute the dangerous and destructive Russian hacker group known as Sandworm, which is run by Russia’s military intelligence service GRU. Meanwhile, activists are working to block Russia from using satellites controlled by the French company Eutelsat to broadcast their state-run propaganda programs.

Researchers released results this week that thousands of popular sites record data that users enter into forms on the site before pressing the Submit button – even if the user closes the page without submitting anything. Google released a report on an in-depth security analysis, which it conducted with chip maker AMD to capture and correct bugs in special security processors used in Google Cloud infrastructure. The company also announced a number of privacy and security features for its new Android 13 mobile operating system along with a vision to make them easier for people to understand and use.

The European Union is considering child protection legislation that will require scanning of private chats, potentially undermining end-to-end encryption on a massive scale. Plus, defenders from cybersecurity nonprofit BIO-ISAC are racing to protect the bioeconomy from digital threats, and this week announced a partnership with the Johns Hopkins University Applied Physics Lab that will help fund pay-what-you-can-do event resources.

But wait, there’s more. Every week we pick up the news that we did not break or cover in depth. Click on the headlines to read the full stories. And be safe out there.

The United States is completing the development of a new generation of high-security encryption standards that will be robust in the current technical climate and are designed to be resistant to circumvention in the age of quantum computers. And while the National Security Agency contributed to the creation of the new standards, the agency says it has no particular means of undermining protection. Rob Joyce, the NSA’s director of cybersecurity, told Bloomberg this week: “There are no backdoors.” The NSA has been implicated in backdoor encryption schemes before, including in a situation in the early 2010s where the United States removed an NSA-developed algorithm as a federal standard over backdoor problems.

A comprehensive study by the Georgetown Law’s Center for Privacy and Technology reveals a more detailed picture than ever of the surveillance capabilities and practices of U.S. immigration and customs authorities. According to the report released this week, ICE began developing its surveillance infrastructure at the end of the George W. Bush administration, years before it was previously thought to have begun these efforts. And researchers found that ICE spent $ 2.8 billion on surveillance technology, including face recognition, between 2008 and 2021. ICE was already known for its aggressive and invasive surveillance tactics during the Donald Trump administration’s anti-immigration reactions, but the report also claims that The ICE has “played a key role in the federal government’s major push to gather as much information as possible” about people in the United States.

“Our two-year investigation, including hundreds of Freedom of Information Act requests and a comprehensive review of ICE’s contract and procurement registers, reveals that ICE now operates as a domestic monitoring agency,” the report says. “By accessing the digital records of state and local authorities and purchasing databases of billions of data points from private companies, ICE has created a monitoring infrastructure that makes it possible to pull detailed records about almost anyone, apparently at any time.”

In a legal settlement this week, the face recognition and surveillance startup Clearview AI agreed to a set of restrictions for its business in the United States, including that it will not sell its facial imprint database to companies or individuals in the country. The company says it has more than 10 billion facial impressions in its arsenal that belong to people around the world and collected through photos found online. The settlement comes after the American Civil Liberties Union accused Clearview of violating the Illinois Biometric Information Privacy Act. The agreement also stipulates that the company will not be allowed to sell access to its database in Illinois for five years. “This settlement shows that strong privacy laws can provide real protection against abuse,” Nathan Freed Wessler, deputy director of the ACLU Speech, Privacy, and Technology Project, said in a statement. Despite the victory over privacy, Clearview can continue to sell its services to federal law enforcement, including the ICE, and police departments outside of Illinois.

Costa Rican President Rodrigo Chaves said on Sunday that the country declared a national emergency after the infamous Conti ransomware gang infected several public authorities with malware last week. Sunday was the first day of Chaves’ presidency. Conti leaked some of a 672 GB amount of stolen data from several Costa Rican agencies. In April, the Costa Rican Social Security Administration announced it was the victim of a Conti attack. “At this time, a perimeter security review is being conducted on Conti Ransomware to verify and prevent possible attacks,” the agency tweeted back then.