How Anonymous made us all a bit more aware of data security

(and hopefully made us all change our passwords)

I’m bringing in videogames again this week. See, next month marks the anniversary of Anonymous hacking Sony’s servers for the PlayStation Network (PSN). This attack was just the beginning of a summer of various attacks on both websites and services related to gaming plus attacks on government and corporate websites.

Indeed, 2011 was the year that hacking really came to the headlines and not just because of phone hacking accusations at numerous newspapers in the UK. According to data recently released by Verizon, 58% of the data stolen last year was done by so-called ‘hacktivists’ such as groups like Anonymous and LulzSec.

And the thing that worried those charged with stopping data breaches like the one that happened to PSN users? As Verizon explains: the fact that there didn’t seem to be any logic to the attacks.

People are part of the problem

The number of breaches reported to Verizon for their study was:

855 incidents, 174 million compromised records

That’s a lot of data. Apart from companies that failed to sufficiently encrypt the data of individuals and organisations, the people behind that data, the individuals, were also just a teeny, tiny bit to blame along with the hackers. For what 2011 proved was that not enough people were taking the necessary steps to keep their data secure, even with simple steps such as not using the same password for something like PSN as well as their email account.

Human error is one of the biggest causes of data breaches. Even in sensitive areas such as healthcare, people are often the lead cause of leaks. And that’s sometimes without anyone directly hacking systems. From passwords that are too easy to guess from a brute force attack, to pen drives being left on Tube trains, to privileged users abusing their systems access – people are the weakest link in any security offering. As Bryan Sartin remarked to the Guardian about the Verizon report:

“I’d love to tell you we see a lot of indications that companies are getting better and more secure. But if you look at where these companies are falling down, it’s still unfortunately in common sense.”

Too many companies are still failing to implement basic, yet effective, security measures that instil in employees the skills necessary to keep data secure and the understanding of why.

Physical security is not enough

If it’s people that cybercriminals mainly have to crack when hacking, then I can’t help frown at the slight folly of having a moat surrounding a huge datacentre – but there is one surrounding Visa’s Operations Centre East in the US. It might be enough to keep those Mission Impossible types out, but the past year has also shown how widespread cybercriminal activities have become against sovereign nations and corporations.

And much of this has not been instigated on the soil of those nations that have been affected. Regardless of whether it’s government institutions, utilities or enterprises being hacked – there are great concerns about the cyberwarfare capabilities of some countries, including China.

While 2011 perhaps showed the general public that having the same password for a multitude of services was probably a bad idea and made some organisations feel sheepish about their encryption policies – people need to remain vigilant. Because all the security software in the world doesn’t mean a thing if people don’t treat with respect it and the data it protects.

Header image adapted from “dir /s” by *n3wjack’s world in pixels under a Creative Commons Attribution-ShareAlike 2.0 Generic license.

More posts you might like…

A rant about SEO copywriting for B2B

Keywords and a crowbar: a rant about SEO copywriting for B2B

Every B2B copywriter should be able to follow your SEO strategy. But if that strategy is "use abstract keywords from this spreadsheet as many times as you can", we need to talk.

Avoiding v12 hell: how to stop your B2B content getting stuck in approvals limbo

There are many reasons why a piece of B2B content gets trapped in endless rounds of edits. Here’s our guide to avoiding practically all of them.

Make your writing more effective

Get copywriting tips and advice — direct to your inbox every month: