DEFINITION of 'Backdoor'

Software that allows an unauthorized third party to remotely access or monitor a computer-based system. Backdoors are a threat to users’ security and privacy and are difficult to unmask because they are designed to elude detection. They also offer a variety of ways to access a user’s system. Firewalls, monitoring networks for suspicious activity, and preventing open source programs from accessing a network can help protect against backdoor intrusion.


In November 2016, security analysts discovered that more than 100,000 Android phones contained a pre-installed backdoor that sent users’ locations, text messages, call logs and contact lists to recipients in China for an unknown purpose, without the phone users’ knowledge. Users wouldn’t have been able to detect the transmissions even if they had known about them because of how backdoors work. Backdoors can also be used by governments that want to monitor cellphone behavior, including tracking Internet use and monitoring conversations.

A particularly malicious method makes use of a USB stick to install a backdoor on a locked computer within a minute. It hides code in the computer’s browser cache that is much more difficult to detect than malware. The attacker can then use data collected by the USB stick to access the victim’s online accounts and computer network.

In the 1990s, the US National Security Agency (NSA) publicly campaigned to insert a backdoor in all encrypted communications online to allow it to eavesdrop. One of the arguments against allowing the NSA to do this is that backdoors create vulnerabilities that can be exploited by more than just the entity that installed the backdoor. Enemies of the United States could exploit the same backdoors that the NSA wanted to use. The agency ended up using other methods, such as hacking and weakening encryption standards, to accomplish its goals. The NSA also worked with providers such as Microsoft to gain pre-encrypted access to popular consumer services like email, online storage and Internet phone calls and chats.

Backdoor access was at the heart of a fight between the FBI and Apple after the 2015 shootings in San Bernardino, Calif. Opponents argued that allowing such access would not be an isolated incident but would set a new precedent that would reverse much of the progress made in Internet security and allow governments to have backdoor access to other Internet and computer-based systems ranging from cars to thermostats. The precedent could also have allowed other law enforcement agencies, from the U.S. Department of Justice to local police departments, to gain access to people’s phones.