.png)
If you've had any interaction with computers and the internet you've likely heard of encryption. You may know that it's meant to keep your data safe, protecting it from prying eyes and hackers, or may have even heard how it can be used maliciously such as in ransomware attacks, but how exactly does it work? How does encryption keep people from seeing data?
The short answer is that encrypted data when read by a human will look like a bunch of garbled characters that make no sense whatsoever. By doing this, even if someone some how got a hold of your encrypted file they wouldn't be able to make any sense of it, keeping the data within safe. While this simple answer gives you a basic idea of what encryption is, it is quiet lacking in the finer points of how encryption works and why it must continually evolve in order to remain relevant.
Believe it or not, encryption is nothing new, in fact its been used throughout history to protect information. In times long past, encryption was done by shaping letters, altering letter placement and other clever tricks that could allow an otherwise innocuous looking letter to actually contain sensitive information such as battle plans, political intrigue, or assassination plots. While our ancestors may have used pen and paper to create both the encrypted message and the key, we now have the power of computers to manage encryption, and as computers become more powerful, encryption becomes ever more complex.
You may have seen "AES 256," which is a common form of encryption, but what exactly does that mean? AES 256 stands for Advanced Encryption Standard 256 bit, which means that the encryption uses a 256 bit block for its encryption cypher, ultimately doing 14 rounds of alterations to the data. By doing this, the data that can be viewed without decrypting comes out as complete nonsense making the data completely useless to anyone who has not decrypted it. If you're curious, you can get more detailed information on how exactly this
works here.
Your next question is likely "Just how safe is my data if it's encrypted?" The answer is, it depends. There are many types of encryption out there and even more methods to attempt to break into them. If you use an old or outdated form of encryption, such as RC2, someone with minimal knowledge and a quick google search can probably decrypt the data fairly quickly and easily. Another common way to get the data is not to attack the encryption itself but to "phish" for the key from the person who encrypted it. If they can get the key by convincing you to give it to them through phishing emails they have full access. Another way is what is known as a "brute force" attack, which ultimately is hitting the file with several attempts with different keys until one works. Ultimately, the more advanced the encryption method you use, and the closer you guard the key, the safer your data.
Where and when should I use encryption you may be wondering, and the answer is you are probably already using it more than you realize, but as for knowingly adding extra security, anytime you have sensitive data that others shouldn't see. This leads into the next point, encryption has two key categories, data in transit, such as emails or webforms, and data at rest, which includes files on your computer or databases. You may have noticed that on any website worth its salt that if you are entering payment information the URL has an "https" in front of it, which stands for hypertext transfer protocol secure. This means that all data being transferred from you to the website is encrypted in transit to prevent anyone from seeing it. Maybe you've heard someone talking about TLS on their emails, this is another encryption method to ensure that email can only be read once delivered to the recipient.
How does encryption in transit work though? Think of it as putting your data into a secure capsule or lockbox before sending it. You have a key to the box and so does the person you're sending it to, so when you place it in the mail box the mail man, postal workers at sorting facilities, or anyone else gets their hand on the mail can't get to what you sent to the intended recipient, but once it arrives, the recipient unlocks it and reads your message. By doing this, you prevent what's called "man in the middle" attacks, which is when a cybercriminal intercepts data moving across a network hoping to get sensitive data. While they can still get a copy of your message off the network, when they try to read it, it will be encrypted and they wont be able to gain access to the sensitive information inside.
As for your data at rest, encryption is more like having a safe in your home. You put your valuables in the safe so that even if someone were to break into your house, they can't get what you have stored in the safe. By encrypting data such as banking statements, government records, and the like, even if someone does gain access to your computer they would need to be able to decrypt sensitive files before they could view them.
All this being said you may be feeling much better about the safety of your data but there is one key factor to remember when it comes to anything cybersecurity related, nothing is unbreakable. The goal of this security, as with any, is to make an attacker have to work harder than would justify their reward by gaining access. Just like a burglar, hackers want quick reward for little effort. If a burglar is casing out a neighborhood would they pick the house with locked doors, an alarm system and dogs or the house where the owner is rarely home and has no security in sight? More often than not a hacker will pass you by if they believe too much effort will be required to gain access to something, deterring attacks. While you can never be 100% safe from a determined attacker, you can always add more steps to make yourself a harder target.
If you have any questions, concerns, or needs in the realm of security for your technology, reach out to All American Cyber for a free cybersecurity consultation.
Commentaires