Another Day, Another Hack
by Emily Hier
Data is more valuable than ever.
It’s been a year since North Korea allegedly hacked into Sony’s e-mail and in turn, revealed a mass of personal details about half of Hollywood. I remember being one of those sad people hanging off the edge of my seat, desperate for gossip.
Much closer to home, Talk Talk was severely hacked in a cyber security attack last week, possibly by a 15-year-old Irish boy and his accomplices. And as much as the Daily Mail might beg to differ, this looks like it might be a one off - cyber attacks are rarely the work of idle school boys.
No organisation should think of itself as truly ‘safe’ - some companies don’t quite enforce this, they think their data isn’t valuable. Of course it is! By not spending money on their defence system is just putting up a giant sign with the words ‘COME AND HAVE A GO IF YOU THINK YOU’RE HARD ENOUGH’.
System Failure
Current corporate thinking of the last 30 years is around having a single centralized system - but that’s an easy route for hackers; one way in, one way out. It’s better to have individual systems, completely separated and unconnected, so each would have to be separately compromised. A cheap and cheerful solution to consider ending ‘one size fits all’ regulation.
Something else to consider is if people - and by this, I mean people who aren’t tech/news junkies like you or me - actually care about their data being breached. Snapchat, by example, recently asked me to accept its new terms and conditions. Did I read them? Er, no.
The next day I found out Snapchat had hidden some important stuff inside that boring document. They are now able to see what sites I visit before I use the app. Scary stuff. I’m sure many people just skipped right past the terms and conditions without checking, just like me.
That’s so 1984
Safe Harbor might have solved that problem for us though - people clicking accept on T&Cs is no longer a defence for corporates to abuse people’s reasonable rights to privacy. Individual European countries can now set their own regulations for US companies’ handling of their citizens’ data.
With many users taking a “don’t know, don’t care” attitude to their data, how do we get them to care, is the question? Perhaps they will start to, with the announcement that the police are lobbying the government for powers to access browsing history of every computer user in the UK. How Orwellian.
Photo courtesy of dpo.ie.