Cybersecurity

If hackers didn't exist, governments would have to invent them

OleGunnarUA/Shutterstock.com

The hackers who dominate news coverage and popular culture -- malicious, adolescent techno-wizards, willing and able to do great harm to innocent civilians and society at large -- don't exist
 
The perceived threat landscape is a warped one, which directs attention and resources to battling phantoms, rather than toward preventing much more common data-security problems. According to the Privacy Rights Clearinghouse, the loss or improper disposal of paper records, portable devices like laptops or memory sticks, and desktop computers have accounted for more than 1,400 data-breach incidents since 2005 -- almost half of all the incidents reported. More than 180,000,000 individual records were compromised in these breaches, which included individuals' names, Social Security numbers, addresses, credit-card information and more. This is compared to the 631 incidents from the same period that the Clearinghouse assigns generically to "hacking or malware." Your private data is more likely to be put at risk by a factotum leaving a laptop on a train than by a wired teen with too much time on his hands.
 
Insider threats, otherwise known as frustrated grown-ups with real jobs, also constitute a significant challenge for information security. The Wall Street Journal recently reported on a survey which showed that 71 percent of IT managers and executives believe insider threats present the greatest risk to their companies. 
 
And the recent high-profile security breach at LinkedIn shows that one of the greatest risks to our personal security is ourselves: more than two-thirds of the leaked LinkedIn passwords were eight characters or fewer in length, and only one percent used the mix of upper- and lower-case characters, numbers, and symbols that makes passwords difficult to crack.

Read more at The Atlantic.

(Image via OleGunnarUA/Shutterstock.com)

Threatwatch Alert

Credential-stealing malware

None of 20,000 patients affected were ever notified of 911 computer breach

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
// April 22