SIDEBAR
»
S
I
D
E
B
A
R
«
2014: The year of the hack Comment on this post ↓
December 27th, 2014 by Warren Swil

Brazen attacks shred

faith in data security

North Korea’s Kim Jong Un was not amused by Sony’s movie “The Interview.”

As the year began, more than 40 million credit card holders got a rude awakening when they learned their account data had been stolen from retailing giant Target.
As it draws to a close, the world has been regaled by emails and other sensitive data stolen from electronics and entertainment mega-corporation Sony.
These two major hacks bookend a year in which data privacy and security have been dominant themes in the news.
Never before has it seemed that everyone is at such risk from unseen, unknown threats. You are not alone if you have little faith that government and businesses cannot be trusted with your data.

According to a November poll by the Pew Research Center, Public Perceptions of Privacy and Security in the Post-Snowden Era, a stunning 91 percent of adults believe that consumers have lost control over how their data is collected and used by companies.
An equally huge majority, 80 percent of adults agree or strongly agree that Americans should be concerned about government monitoring of their phone calls and emails.
“There is little confidence in the security of common communications channels, and those who have heard about government surveillance programs are the least confident,” the poll finds.

An alarming headline from CNN Money. Stories like this abound, increasing angst.

One needs look no further than the headlines to find a major source of this angst.
Online privacy is dead proclaimed CNN during the height of the revelations by former NSA contractor Edward Snowden.
“Strong passwords and encrypted email services were never truly enough to protect users’ online privacy. But recent revelations about government surveillance even throw into doubt the effectiveness of far-out measures of data encryption used by the most careful people surfing the Web,” writes Jose Pagliery.
Technical solutions to data breaches abound, but the hacking of 56 million customer credit cards from Home Depot demonstrates their inadequacy when the motive is profits.
According to a September story in The New York Times Ex-Employees Say Home Depot Left Data Vulnerable the company was slow to react and relied on outdated software to protect its network.
“Interviews with former members of the company’s cybersecurity team … suggest the company was slow to respond to early threats and only belatedly took action,” the Times reported.
The story adds the alarming warning that government officials estimate that as many as 1,000 retailers have been hacked, and that many companies do not even know they have been breached.
“[S]ecurity experts … say retailers have not only been complacent about security, they have also been reluctant to share information with one another.”
Privacy it seems is under assault from two directions.
The monitoring of private communications by government is now undeniable, despite official protestations to the contrary. But data stored by private enterprise now has been revealed to be less than secure, making every cutomer and user vulnerable to its theft.
It is no wonder that trust in government and business is low and dropping. According to the Pew study, “While the surveillance practices of government agencies have been the focus of many public discussions and debates post-Snowden … Americans are also concerned about data collection by advertisers. Additionally, public concern over the amount of personal information businesses are collecting has been growing.”
According to the poll, only 18 percent of adults trust the government “all” or “most” of the time; the numbers are even lower for businesses, just 12 percent.
In case you feel helpless and watching “The Interview” movie didn’t make you laugh, there is a glimmer of hope.
On Christmas Eve, the Electronic Frontier Foundation noted that 2014 was a year in which Web Encryption Gets Stronger and More Widespread
“[W]e’re happy to report that although there is still much work to be done, there has been a major boost to [encryption] adoption Internet-wide. In addition to wide adoption, the implementations have gotten better … As it turns out, 2014 was also a year of major vulnerabilities found in existing web encryption technologies.”
Technical fixes are good, but there can be no substitute for exercising caution when using electronic communications of all types. Awareness is the most important starting point for all of us.
Knowing which are the most vulnerable (credit or debit cards, social media or texting) and being circumspect all play a role. Nothing can ever be perfectly secure, but we can minimize our chances of becoming a victim. In the digital age, this is perhaps the best we can do.

 

FEEDBACK: Contact site admin directly

Email Administrator



4 Responses  
  • Jack van Dijk writes:
    December 27th, 2014

    The modern password consists of the first/last two letters of words in an easy to remember sentence. Example: The quick brown fox jumps over the lazy dog, results in thqubrfojuovthlado12. The 12 is for the month. This password is totally gibberish but easy to remember. (I do it in another language).

  • Martin Trailer writes:
    December 27th, 2014

    This is a symptom of centralization.

    With so much information in a central location, needed for central control, it is a really big target ripe for hackin’.

    Both styles have there advantages, but the disadvantages are magnified on the bigger end.

  • Jim Asher writes:
    December 29th, 2014

    Yep…. Data security haunts all of us. Even the seemingly most innocuous use of the Internet, whether involving credit card purchase or not, can result in enormous damage. We (those on BOTH sides of this problem) should have jumped all over this issue a long time ago. As usual, we are reactionary when we need to be more pro-active. It took us YEARS to finally begin to protect our credit cards using the technology that Europe employed nearly a decade earlier! As you point out, there’s not much the average Joe can do but take cautionary measures. Time will tell whether the new encryption technology will truly make a difference. Can’t wait to see……….. Thanks for your insightful article, Warren. Jim

    • Warren writes:
      December 29th, 2014

      That we still don’t have secure credit cards in the US, Jim, is just another example of the profit motive trumping corporate concerns for data protection. The chip-embedded cards have been around for years, but US companies were too cheap to make the switch over until the recent spate of embarrassing breaches. Now they have the added expense of repairing the damage done to their reputations while they upgrade their systems to the new, more secure cards. Customers should vote with their wallets, punish those who don’t see data security as a vital business concern.


Post a Comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

SIDEBAR
»
S
I
D
E
B
A
R
«
»  Substance: WordPress   »  Style: Ahren Ahimsa & Martin Black