Episode #17: What is Encryption?
Understanding the basics about what encryption is and its purpose, helps to understand when and why you may want to use it to protect your sensitive information!
Episode #17: What is Encryption?
What is Encryption?
Encryption is the process of converting plain text (i.e. information that is easily readable) into ciphertext (i.e. encoded information that is not easily readable) using a mathematical algorithm called a "cipher." The process of converting ciphertext back into plaintext is called decryption.
Encryption is used to protect sensitive information from unauthorized access or disclosure. For example, when you send a message to someone over the internet, encryption can be used to protect that message from being intercepted and read by someone else. Similarly, when you store sensitive information on your computer or in the cloud, encryption can be used to protect that information from being accessed or stolen by unauthorized parties.
Encryption is a key component of information security and is used in various systems and applications, including email, messaging, online banking, and cloud storage. Encryption can be applied in different ways, such as at the file level, at the disk level, or at the network level.
Overall, encryption is important as it protect sensitive information and prevent them to be accessed by unauthorized parties, it's a way to secure the confidentiality and integrity of the data.
For someone like me that is using a home computer, what sort of files would you recommend I protect with encryption?
As a general rule, it's a good idea to encrypt any files that contain sensitive or personal information. Here are a few examples of the types of files you may want to consider encrypting on your home computer:
Financial documents: These may include bank statements, tax returns, and investment records.
Personal identification documents: These may include your passport, driver's license, or social security number.
Health records: These may include medical records, prescription information, and insurance information.
Business documents: These may include confidential business plans, client data, and customer information.
Personal communication: These may include emails, text messages, and instant messages that contain sensitive information.
Backup files: These may include files that you have backed up to an external drive or cloud storage service.
It's worth noting that encryption is not a one-size-fits-all solution and there are many different encryption methods and software available, so it's important to do your research and choose an encryption method that best meets your needs. Encryption is not only for the files, it's also can be applied to your device, network, and cloud storage.
What is the easiest way for a non-technical person like myself to encrypt my sensitive documents?
There are a few simple ways for a non-technical person to encrypt their sensitive documents:
Use a password-protected zip file: Most operating systems come with a built-in tool for creating password-protected zip files, which can be used to encrypt your sensitive documents. Simply select the files you want to encrypt, right-click, and select "Compress." Then enter a password to protect the files.
Use a free encryption software: There are many free encryption software available, such as VeraCrypt and AxCrypt, which can be used to encrypt your sensitive documents. These software usually have simple and user-friendly interface, easy to install and use, and you can find tutorials on the internet to guide you through the process.
Use cloud storage service with encryption: Some cloud storage services, such as Google Drive and Dropbox, provide built-in encryption for files stored on their servers. When you upload a file, it's automatically encrypted and can only be accessed by someone with the correct encryption key.
It's also worth noting that keeping your computer updated, using anti-virus software, and being mindful of the links and attachments you open in your email or instant message can also help to keep your sensitive information safe.
How would it be possible for hackers to decrypt my encrypted documents?
There are a few ways that hackers could potentially decrypt your encrypted documents:
Brute force attack: A brute force attack is when a hacker uses a computer program to repeatedly try different combinations of characters as a password until the correct one is found. This method can be used to crack encryption passwords, but it can take a significant amount of time and computational power.
Dictionary attack: A dictionary attack is similar to a brute force attack, but the program uses a pre-defined list of words (like a dictionary) as the potential passwords. This method can be faster than a brute force attack, but it's also limited to the words in the dictionary.
Social engineering: Social engineering is the art of manipulating people into divulging sensitive information. For example, if a hacker can trick you into giving them your encryption password, they can then use it to decrypt your documents.
Exploiting vulnerabilities: Hackers can also take advantage of vulnerabilities in the software that you use to encrypt your documents. If a vulnerability is found and exploited, the hacker can bypass the encryption altogether.
Backdoor access: Some software can have hidden features that allow backdoor access, this means that the software developer or someone with the knowledge of how to use these features can access the data without the need of the encryption key.
It's important to note that strong encryption is still considered to be one of the most secure ways to protect sensitive information. However, encryption is only as secure as the password or key used to protect it, so it's essential to choose a strong and unique password and to keep it safe.
You mentioned Backdoor access in software. Can you give me an example of a software company that did this and what that meant for the people using the software?
A "backdoor" in software refers to a hidden or undocumented feature that allows someone to bypass normal security measures and gain unauthorized access to a system or data. This can be done by the software developer for legitimate reasons, such as for providing technical support, or for illicit reasons, such as for surveillance or theft of data.
One example of a software company that has been accused of using backdoors is the Italian company Hacking Team. In 2015, the company's internal data was hacked and leaked online, revealing that it had developed and sold surveillance software to governments and law enforcement agencies around the world. The software was capable of remotely accessing and monitoring computers, smartphones, and other devices, and had several backdoors built-in to allow for easy access.
This incident raised concerns about the use of such software by governments and law enforcement agencies, and the potential for abuse. It also highlighted the importance of transparency and oversight in the development and use of surveillance technology.
It is important to note that, while backdoors can be used for malicious purposes, they can also be used by software vendors to help users who have lost their passwords or other login credentials, or to allow for remote troubleshooting. However, it is important that the use of backdoors is transparent and controlled, and that users are aware of their presence and how they are being used.
If I encrypt my data, will that prevent people from being able to access it via a Backdoor?
Encrypting your data can help protect it from unauthorized access, including access via a backdoor. If a malicious actor tries to use a backdoor to access your data, the encryption will make it difficult for them to read the data without the proper decryption key. However, it is important to note that encryption alone is not a foolproof method of protection. Strong encryption can protect against casual attackers, but a determined attacker with enough resources, time and expertise can still potentially break the encryption. So, it's important to keep your encryption software and algorithm updated and use a reputable software. Additionally, it's always a good idea to use multiple layers of defence, such as firewalls and antivirus software, to better protect your data.
Can you use an analogy to explain all of the layers of cyber security defence?
Think of your computer or device as a castle and the data stored on it as the treasure. The first line of defence is the outer walls or perimeter of the castle, just like a firewall on your device that blocks unwanted access. Next, you have guards or sentries, like antivirus software, that monitor and scan for suspicious activity.
Then, you have the moat or intrusion detection systems that are designed to detect and stop intruders. Finally, you have the vault or encryption where the treasure is kept safe and secure. These layers of defence work together to keep the treasure (your data) safe and secure, just as the walls, guards, moat and vault work together to keep a castle and its treasure safe.