The vast world of cybersecurity features secret portals of access to the deep web and undocumented encryption backdoors that most people look past unknowingly. It’s a bit difficult to wrap one’s head around the terminology in recent news on data breaches and secret servers, especially when the term “backdoor” has several definitions.
A backdoor in a computer system or other software is a portal that administrators can go through to help with troubleshooting. Here’s where it gets tricky: That same portal can be exploited by hackers and governmental entities to gain unauthorized information—and sometimes they’re added intentionally for that very purpose. Backdoors are typically undocumented and are kept a secret; otherwise, the software it’s embedded in will become vulnerable to hackers and viruses.
Although it puts the software or computer at risk for a breach of data, software developers can manually build a backdoor into any software or computer for easy access to information regarding the program. These administrative backdoors are typically secured through a set of private usernames and passwords.
When it comes to encryption, however, backdoors are particularly problematic. Encryption’s job is to keep data secret except for those who hold the keys. Encryption backdoors are weaknesses in the code that allow any person with the right skills—like the FBI, NSA, or independent hackers—to access the private data anyway.
The term backdoor has surfaced in the mainstream throughout recent years as the U.S. faces national security issues, particularly after lawmakers proposed a mandate for backdoors in encryption. The bill, however, was hotly debated by many, including President Barack Obama’s White House, FBI Director James Comey, and NSA Director Michael Rogers. Backdoors also caught interest internationally, as Russia may soon be implementing required backdoors to social media apps like Viber, WhatsApp, and Telegram.
In short, backdoors make systems inherently insecure, and that’s especially problematic when it comes to encryption. If you leave a key under your doormat, eventually, the wrong person is going to find it.
Backdoors aren’t just for software makers. Attackers can also create their own backdoor, allowing them go through their victim’s computers whenever they want to, stealing their private data along the way.