Sophos warns of repercussions for virus scanning as anti-Echelon Euro MPs advocate email encryption

May 30, 2001 Sophos Press Release

Sophos, a world leader in corporate virus protection today reminded companies how increased use of encryption to keep emails private and confidential may impact on their networks' virus protection. This follows calls from Euro MPs that businesses should make greater use of email encryption to prevent snooping by the Echelon system.

Sophos is warning users that although encryption helps to ensure the privacy of an email, it also has ramifications for virus scanning at the internet and gateway level. Because encrypted emails can only be scanned securely at the desktop, any organisation relying on internet or gateway protection is compromising their security by sending and receiving encrypted documents.

"It's obviously encouraging to see Euro MPs taking privacy seriously, and Sophos is in favour of more companies using encryption to secure their data," said Graham Cluley, senior technology consultant for Sophos Anti-Virus. "However, companies should think very carefully about deploying encryption because of the impact it may have on their virus protection. Desktop anti-virus protection remains the very best way to protect your computers, and will continue to protect people even in an encrypted world. Anti-virus companies which offer only gateway and internet scanning will find detecting viruses inside encrypted email as easy as nailing jelly to the ceiling."

The Echelon operation is an information surveillance system initially used during the Cold War to gather military intelligence. However, some Euro MPs are claiming that the system is now being used to spy on European companies and home users, an activity which they claim is in contravention of the Human Rights Convention. In response, they are advising users to encrypt their emails in order to avoid their private correspondence being scrutinised.