End-to-end encryption (E2EE) has become a key technology for secure communications, but criticism is growing that encryption alone makes it difficult to respond to modern cyber threats in government and critical infrastructure. Recently, security authorities and experts warned that attackers are changing tactics, bypassing accounts, devices and identity systems rather than directly decrypting encryption.

An IT outlet, TechRadar, reported on June 11 that awareness is spreading among government agencies and the security industry that secure communications should be viewed not as simple encryption technology but as an integrated system that includes identity authentication, device security, metadata management and infrastructure control.

In the past, the core of security was seen as encrypting communications content so third parties could not read it. Recently, however, attackers have preferred to steal user accounts or impersonate relevant personnel to gain access instead of decrypting encrypted messages.

Security experts point out that if identity systems collapse, encryption technology itself can effectively be neutralised. That is because attackers can take over an account and then act like a legitimate user to access encrypted messages.

Consumer encrypted messengers are seen as strong at protecting the message transmission path, but are also assessed as failing to sufficiently provide the level of identity assurance and access control required in government agencies or critical infrastructure operating environments.

Many services rely on simple sign-up procedures based on email or phone numbers, and users' devices are often operated without a separate management system. Such an environment could provide favourable conditions for state-backed hacking groups or sophisticated attackers.

Phishing and impersonation attacks recently warned about by intelligence authorities are also cited as examples that target such vulnerabilities. Attackers do not try to break encryption technology, but secure information by tricking users into handing over account details or exploiting trust relationships.

Experts also view metadata as an important risk factor. Even if message content is encrypted, information remains about who contacts whom, when and how often. These communication patterns can be used to infer relationship structures within an organisation, decision-making systems and the purpose of activities. Some experts analyse that metadata can, in some cases, have greater strategic value than the message content itself.

Issues around platform operators and infrastructure control are also coming to the fore. If government agencies rely on platforms run by foreign companies, data jurisdiction and operating policies can be influenced by external environments. As a result, countries are increasing interest in building sovereign communications infrastructure that can secure domestic control.

Government procurement policy is also showing signs of change. End-to-end encryption is still assessed as an essential security element, but there are increasing cases in which integrated security systems are required together, including identity authentication systems, device trust verification, metadata management and platform control capabilities.

In this situation, governments are turning to sovereign dedicated communications platforms tailored to high-risk environments. This is based on a judgement that existing encryption-centred assumptions no longer hold in an environment of rising geopolitical tension, information warfare competition and persistent threats at the national level. Ultimately, the standard for secure communications is being reshaped toward including not the level of message encryption but also who connects and from what devices and through what infrastructure they communicate.