E-commerce encryption cracked by intelligence services

Monday, September 9, 2013 - 09:50 by Mike Price

Additional revelations made as a result of the actions of intelligence agency whistleblower, Edward Snowden, have shown that techniques used to encrypt information online have been compromised by government-funded hackers, according to BBC News.

Both the NSA in America and GCHQ in the UK have apparently managed to circumvent protocols that are designed to allow people to carry out safe shopping online, check their emails in private and even use web-based banking services.

160 million a year is being spent by the NSA on a project called Bullrun, which has been unearthed in new reports from the Guardian and a number of other media outlets.

Bullrun is the equivalent of a UK government project known as Edgehill, with both of these code names relating to events in the respective nation's civil wars.

As well as attempting to and succeeding to crack various encryption techniques relating to e-commerce, intelligence workers have also been targeting 4G networking and business networks.

Most of the work is done by government supercomputers, which can use brute force to work out how encryption is able to scramble data as it is sent from the user to the service and back again.

Encryption enables safe shopping online by keeping payment card and delivery details safe, so that they do not fall into the wrong hands, although it seems that these systems are not foolproof, as the leaks show that these government agencies have found a way to bypass them.

In the US it was alleged that the government has sought to force encryption firms to put a back door in all their protocols, so that officials could get access to encrypted data with ease. When this was denied, significant investment was made from the year 2000, to get in via shadier means.

There has been an outcry over these latest leaks, although as with other recent revelations, average consumers should not need to worry.