Here's something you probably didn't think about. Do you remember when I told you about the big data breach at the mega-popular affair site AshleyMadison? In that hack, 50 million user accounts were compromised - email addresses and emails, customer records, credit card numbers, and physical addresses, all stolen and threatened to be leaked by a group called The Impact Team ... for 50 MILLION people!
While that breach is exposing more than 50 million cheating spouses worldwide, it's also exposing some more sensitive information regarding our national security. The folks over at Venture Beat did the math and if we assume that only half of those 50 million cheaters are Americans, the breach will expose an estimated:
- 1,250 federal and state elected officials
- 2,500 FBI employees
- 2,500 NSA employees
- 2,175 full-time nuclear power plant workers
- 3,500 TSA employees
- 25,000 DHS employees
- 35,000 local elected officials
- 60,000 people with top secret security clearance
Keep in mind that these are just rough estimates, but the thought is still scary. If one hacker group that nobody had ever heard of before can bring down this many people in important roles with the federal government, imagine what else is possible. Once just one of these's people's credentials are stolen, an entire wealth of sensitive information could also be leaked.
It's also scary to think that funding for cybersecurity will exceed $3 billion this year, but it's still a game of catch up at this point. No matter who you are, "we are only as secure as the least secure site."
So what should we do? According to the VentureBeat, investing in cybersecurity is a start, but it's not the only piece to the puzzle. We also need a cultural solution to our cultural problem. Therefore, we need to redefine our concept of what's personal or private. "Plenty of other Western nations, particularly France, have a much more open mind about the sorts of things that here in the U.S. are fodder for blackmail."
And it's that line of thinking that's opening the door for a new type of hacking on the social engineering front: shaming. Why bother with a brute force attack when you could bring down a company like AshleyMadison with some good old-fashioned shame?
The Verge sums it up perfectly: "If we want to craft a credible defense against cyber terrorism, we need to attack it from all fronts. We need to continue investing in counter measures, but we also need to recognize that 20th century concepts of personal privacy place us all at risk in a 21st century world. Shame might be the strongest weapon our nation’s enemies can wield against us."