As the digital world shifts increasingly to cloud-based services backed by faster computing power and internet connection speeds, the issues of cyber crime and information security have become significantly more important to the average user. In spite of that fact, a significant proportion of individuals (including college students) remain ignorant and unaware of the serious threats these issues present to their finances and digital identity.
The recent spate of cyber attacks mounted by various online hacker groups should cause individuals to rethink their online presence and encourage them to strategically approach the management of their personal information on the web. Groups such as Anonymous and the recently disbanded Lulzsec have wreaked havoc in cyberspace by gaining unauthorized access to information stored by a broad range of organizations, including corporate giants like Sony and governmental organizations such as the FBI and CIA.
Remarkably, these incidents have evoked little public outrage, in part due to the lack of adequate coverage from the mass media. The WikiLeaks organization, which released hundreds of thousands of diplomatic cables last year, was chastised for months for publishing documents authored by governments around the world.
In contrast, the release of personal information belonging to millions of individuals received comparatively little coverage as the perpetrators continued to expose security flaws in major websites over many weeks.
For example, when the hacker group Anonymous breached the Sony PlayStation Network in April, it retrieved the personal information of over 77 million accounts, each potentially containing the credit card information of its owner.
Consumers should demand more security and accountability from businesses like Sony, with whom they entrust their personal information. In the weeks following the security breach, a group launched a class action lawsuit against the company for failing to secure user data. While I wholeheartedly support their cause, the costs associated with these actions will be ultimately passed down to the consumer, and does not guarantee that user data will be more secure in the future.
In order to decrease the likelihood of such attacks from being successful in the future, consumers should lobby companies and governments to know in simpler terms what means are used to secure their data and how their personal information may be used by third party applications. Would you store your valuables at a bank after you saw that they used common gym locks to secure their safety deposit boxes? Why would you trust an organization that does essentially the same with your personal information?
Finally, consumers also bear the responsibility to secure their information by maintaining strong passwords and encrypting their data whenever possible. Creating a strong password using alphanumeric and special characters is currently the consumer’s best defense against such attacks, at least until the companies responsible for securing user data become more capable at resisting them.
While it is easy to malign these hacker groups for exposing such a large trove of data, they do deserve credit for bringing the issue of cyber security to the attention or major corporations and governments. After all, there are many more groups operating with similar capability and more nefarious intentions who don’t announce their exploits to the public. Groups like Lulzsec do force companies to secure their data and alarm consumers to the seriousness (or lack thereof) with which their personal information is handled.
Cyber crime and information security will continue to become increasingly important as the world becomes even more connected during the 21st Century. It is the responsibility of all stakeholders, particularly consumers, to insist that personal information is stored safely and securely.