Tuesday, October 25, 2011

Pitting Hackers Against Hackers (A Republish from Editorial Writing Class)


The University of Georgia recently announced that nearly 19,000 staff and employees’ personal information has been found on a public website. Personal information not only included names, birthdays, and addresses, but home phone numbers and social security numbers. The information has been available on the site since 2008. And while it isn’t completely the fault of UGA, that’s still 18,341 employees who could possibly have their identities stolen.

Unacceptable.

While the University of Georgia investigates how confidential information could have ended up on a public site, many fingers are pointing at hackers. If it is indeed an issue of computer hacking, it wouldn’t be the only incident. In fact, this month the US military discovered that its drones’ computers were hacked at a military base in Nevada. Now, it’s going beyond affecting individual identities; this is an issue of national security.

So, how can we stop these hackers?

With the increasing number of information breaches around the world, the Open Security Foundation, a non-profit organization, has developed a data loss data base for anyone to report an incident. The idea of the program is that transparency is key to educating victims of hackers. The lists on the Data Loss website include reports from individuals and small-town dermatologists to the Washington Post and MasterCard.

But is transparency enough to stop hackers? Has transparency ever been enough? . . . I think not.

Following Julian Assange’s release of Wikileaks.org, Secretary of State Hillary Clinton said, “Let’s be clear: This disclosure is not just an attack on America’s foreign policy interests. It is an attack on the international community – the alliances and partnerships, the conversations and negotiations that safeguard global security and advance economic prosperity.” Assange violated the U.S. statute 18 USC 793(e), which basically protects the U.S. government and military from people exposing information that might affect national security. However, besides a U.S. statute that protects the military, we don’t really have official protection from online hackers.

Not only is the government slow to take action, large corporations are even slow to be proactive against hackers. For example, Delta Air Lines, Inc. has one of the largest customer loyalty databases—meaning they have the personal information of millions of customers, crossing borders into other nations. Still, the airline industry mostly worries about hackers getting into the air traffic control computers than losing the information of its customers, mostly because social networks provide enough personal information for identity theft these days anyways.

Delta and other large corporations only protect their systems with anti-virus spyware. It hasn’t yet hired a team of anti-hackers ready to blast away any and every attack on air traffic control computer, non-the-less customers’ personal information. Anti-hacking systems are too slow and non-proactive for our current technology. Even if there’s more transparency with organizations like the Open Security Foundation, it isn’t enough to stop hackers.

While it’s a great start to an omnipresent issue, something else has to be done before more Watergate-WikiLeaks scandals happen. Why are hackers befuddling governments? Is it a game for them or do they know something our governments don’t?

If that’s the case, we need to get hackers on our side. Rather than standing by and watching our identities and personal information evaporate into the Cloud, let’s hire hackers to stop hackers.

And, rather than relying on computer software, the U.S. government, corporations, and individuals need to be more proactive by either training employees or educating themselves on proper anti-hacking procedures. If we do this, maybe the University of Georgia wouldn’t be investigating how nearly 19,000 employees’ personal information ended up on a public domain. Or maybe WikiLeaks wouldn’t have happened.

1 comment:

Heids said...

Excellent point. Makes you think the only real hope we currently have is hoping the identity thieves find someone else more interesting.