The UK Has a Dirty Secret for Spying on Encrypted Messages: Hacking

Members of the media and some politicians are near-constantly talking about accessing terrorist communications, but are ignoring one of the most viable solutions.

Jun 27 2017, 10:00am

After a string of terrorist attacks in the UK this year, members of the government have renewed their pressure on tech companies such as WhatsApp to provide access to the content of users' messages. Immediately after a suicide bomber struck Manchester in May, the government pushed to implement so-called Technical Capability Notices, which would somehow force tech companies to remove message encryption on request, perhaps through the creation of a backdoor in their products.

"We have to have a situation where we can have our security services get into the terrorists' communications. There should be no place for terrorists to hide," Home Secretary Amber Rudd said after a terrorist attack on London Bridge in March.

But in reality, there is another option that the UK security services say they already make heavy use of in terror investigations, and which many media outlets and politicians either ignore or aren't aware of: hacking. If the UK is to have an honest, fruitful, and productive debate on accessing terrorist communications, then this approach cannot simply be swept away by members of government who present encrypted messages as some grand, unsolvable problem.

In UK parlance, hacking is known as "equipment interference," and consists of a spread of technologies and techniques. Sometimes it may just constitute using a suspect's username and password to log into a computer, but the higher end of the spectrum could include "remote exploitation of a device," according to a document from UK law enforcement.

WhatsApp, Signal, Telegram, and other messaging programs use end-to-end encryption—that is, encrypting the message on the device itself with its own key—so even the communications company cannot unlock the message's content. Hacking gets around that by attacking the endpoint itself—the laptop, the phone—so government malware can read any messages before they are encrypted, and send them off to an investigator.

The UK's domestic intelligence agency MI5 said it has relied on equipment interference in the "majority of high priority investigations," according to a government-published factsheet. Although we don't know exactly what MI5 did in those hacking operations, the approach has been worthwhile, judging by the document.

"[Equipment interference] has been instrumental in disrupting credible threats to life, including against UK citizens," the section on MI5 adds.

Got a tip? You can contact this reporter securely on Signal at +44 20 8133 5190, OTR chat at jfcox@jabber.ccc.de, or email joseph.cox@vice.com

Of course, hacking has limitations. While mass surveillance is cheaper per target, spying on an individual with a piece of malware is typically going to be more expensive. Hacking does not provide the same sort of surveillance as more open access to WhatsApp messages would. If the UK could view all WhatsApp communications, it could theoretically scan those to identify new suspects. With hacking, you generally need to already have a target in mind, so you know which device to hack (the UK's new surveillance legislation does allow for targeting groups of people with hacking tools in a much wider fashion).

However, time and time again, those who went on to carry out terrorist attacks in the UK were already known to the authorities. If investigators hacked suspects' phones or computers, the government could likely read any soon-to-be-encrypted communications.

And, in brief, while backdoors can pose a security risk to all of a product's users by introducing new vulnerabilities, hacking is about taking advantage of already existing problems in a program or operating system (what happens if those exploits become public is another issue altogether). Using targeted hacking generally has less of a negative impact on wider society's digital security, and preserves the privacy of those not suspected of a crime, if done proportionately with a warrant.

Maybe the UK government would just prefer access to WhatsApp messages in bulk and on demand, and maybe that would be a better method of identifying terrorism suspects. But hacking needs to be more prevalent in the debate, rather than the claims that WhatsApp and other messengers provide a safe haven for terrorists getting front and centre: it is simply not true.
