The New York Times has an excellent series of reports on topics related to digital privacy. I don't think technical people will be surprised by the technical issues described but some of the motivations of hackers might not be something we think about. And both the layman's description of the technical aspects and of the hacker motivations are elements that can be shared with friends, family and co-workers.
The message for us is that surveillance is far more common than most people would suspect and that being truly safe is extraordinarily difficult. The article puts to rest the idea that “I’m not important enough to be targeted.” Anyone who might be a conduit to a “high value target” must also be considered a possible target. Modern hacking tends to be a multi-step process by which the attacker uses lower level people to collect the information that will then be used to compromise the primary target. This is one of the reasons organizations need to consider security on an institutional basis and not based on the perceived vulnerability of specific individuals. A chain is only as strong as its weakest link. One last thing: don’t assume that the value of your site is the value it represents to hackers. Hackers may want to use your server to run a variety of criminal activities.
No comments:
Post a Comment