Ul­ti­mately, we’re all hack­able

Tech­nol­ogy can only do so much. So, should we worry? Nah, who wants to read our bor­ing e-mails and pics of lunch?

The Star Malaysia - Star2 - - Opinion - star2@thes­tar.com.my Ja­son Godfrey

IF you’re a fan of Game Of Thrones (GOT), you might have got a lit­tle more GOT than you ex­pected this past week: se­ries pro­ducer and satel­lite TV net­work HBO was hacked, with the hack­ers claim­ing they stole 1.5 ter­abytes of data. That’s even more data than was stolen at the 2014 hack of en­ter­tain­ment com­pany Sony that saw dig­i­tal thieves make off with 200 gi­ga­bytes of data (and some em­bar­rass­ing e-mails, be­cause we all have em­bar­rass­ing e-mails).

Ear­lier this year there was the Wan­naCry virus that was de­signed to hit old Win­dows op­er­at­ing systems and hold data for ran­som. And the world found out that the ma­jor­ity of users of old op­er­at­ing systems were places like hos­pi­tals, and so doc­tors found them­selves locked out of vi­tal pa­tient data.

The threat of be­ing hacked, es­pe­cially in a day and age when our lives are on our phones, tablets and lap­tops, is a sober­ing re­al­ity now.

But how likely is any one in­di­vid­ual to get hacked?

First off, where would we get hacked? Many peo­ple – in­clud­ing my­self – are hes­i­tant about us­ing Cloud stor­age systems. Af­ter 2014’s Fap­pen­ing – when com­pro­mis­ing pho­tos of many celebri­ties were re­leased af­ter their ac­counts were hacked – it seems to be a le­git con­cern. But in a chat with the good folk at Google, I learned some­thing: stor­ing our data has been de­signed to be a com­pli­cated process ex­actly so we can’t get hacked.

Take the ex­am­ple of a selfie that I store in the Cloud. Yes, the data is up­loaded to the Cloud. But the Cloud is con­tained in server farms around the world. So that selfie ends up all over the world, in part for back up, in part so if I travel to another con­ti­nent, I can see a photo of my­self just as fast as when I’m at home. Nar­cis­sism is fun and easy with the Cloud!

But the part I didn’t know is that only parts of that photo are stored on any one server. So that selfie is bro­ken down into dif­fer­ent pieces and stored all over the place, and only when you have all the parts can you ac­tu­ally see my pic­ture. That’s pretty se­cure.

And then imag­ine this: each piece of that selfie is given a dif­fer­ent en­cryp­tion key, so even if you do get hold of all the parts, if you don’t have the en­cryp­tion keys, you can’t ac­tu­ally put the photo to­gether and look at my smil­ing face.

So even if you were to hack the Google Cloud, you’d most likely end up with a bunch of par­tial files that you don’t have the en­cryp­tion keys for – es­sen­tially, a lot of gib­ber­ish.

That seems pretty se­cure. And it has to be. Google and lots of data stor­age ser­vices make their money by pro­tect­ing our data, so if some­one can hack it, they would be use­less.

So what went down when the Fap­pen­ing was hap­pen­ing (couldn’t wait to use that!)? Ba­si­cally, a bunch of celebs were us­ing care­less pass­words like “1234” and “pass­word”, and their ac­counts were hacked with brute force. Ba­si­cally, the user was the weak­ness.

But back to the HBO hack: Surely a big com­pany like that would use data stor­age ser­vices with the type of se­cu­rity I de­scribe above. Turns out it didn’t. Roderick Jones, founder of cy­ber se­cu­rity and pri­vacy firm Ru­bica, says that me­dia com­pa­nies lag far be­hind on tech and cy­ber se­cu­rity, and that most likely the hack was done through one of the com­pany’s older op­er­at­ing systems, just like in the case with hos­pi­tals.

Which re­ally makes no sense: The places where lives are sup­posed to be saved de­pend on out­dated tech while the places used to store pho­tos we take of our lunch or our gen­i­talia so we can send it to that spe­cial some­one use state-of-the- art se­cu­rity.

HBO seems to have been a vic­tim of be­ing too cheap to up­grade Win­dows XP.

So maybe our data is safe in a Cloud, as hack­ers seem to be go­ing af­ter low hang­ing fruit – but, guess what, low hang­ing fruit is ba­si­cally all the data we keep on our de­vices that isn’t stored on­line, I dis­cov­ered.

When I was at De­fcon (the huge hacker con­ven­tion held an­nu­ally in Las Ve­gas) there was a fun con­test to see who could hack into peo­ple’s de­vices on open net­work WiFi, like the con­nec­tions of­fered in ho­tels and cafes. In fact, open WiFi con­nec­tions are some of the eas­i­est things to hack, and if you’re like me – too cheap to pay for your own In­ter­net con­nec­tion – you’re on open net­works all day long. I’m writ­ing this col­umn on one right now!

Ul­ti­mately, we’re all hack­able. If some­one puts their mind to it, maybe the only thing pro­tect­ing the av­er­age per­son – ie, you and me – from be­ing tar­geted and hacked is that no one wants to read our bor­ing e-mails.

Catch Ja­son Godfrey on In­spir­ing Homes on Life In­spired (As­tro CH 728).

Newspapers in English

Newspapers from Malaysia

© PressReader. All rights reserved.