January 11th, 2011
It is evident that many companies still lack security, at the same time carrying millions of personal information of their customer. Today many countries heavily rely on computer technology and are vulnerable to cyber-attack. Currently working as a system engineer, I see a great need for the future generation to hold awareness of this very concern. Working in an information technology industry I have experienced cyber attacks resulting in an interruption in computer systems and unprivileged accesses to sensitive information. Average people are in jeopardy of their personal information being sold to marketing companies and some becoming a victim of identity theft. Cybercrime has already brought many concerns to the general public although not many effective policies have been set here in the US, such as China. Although too strict policy can take away the basic human rights to freedom of expression and access to shared information. There would be a need for an adequate awareness of the general public and solution for lawmakers to respond to a crime involving computers maintaining the ‘openness’ of the technology.
Leap in Innovation, Built for Performance
From my experience, growing up with video games back in the 90s, I physically witnessed the great technological advances that have been made. Video games such as Nintendo 64 released in 1996 having 4MB (4,000,000 bytes) of memory capacity where the newest line of product, Nintendo Switch, having 4GB (4,000,000,000 bytes) of memory capacity. The speed at which technology has improved in our generation is substantial and has kept accelerating at a substantial rate. Not only video games but television, cellphones, music players, and the internet have made a huge leap in technology. More the hardware continued to evolve, more features and robust software were able to run over it. As computing technology evolves, I found that people became more reliant on saving personal information over it. As the concept interconnection of computers, the internet, developed worldwide, technically personal information is exposed to the world. In my early years after graduating high school, I studied computer networking, which has led to an opportunity to work at an internet service provider in Japan. I soon find myself in a large, freezing room full of loud roaring machines stacked over each other, every once a month. I felt astonished and amazed to examine what was really under the hood of the great internet.
Going through thousands of diagrams and blueprints illustrating network circuits connecting all around the world, gave me a clear understanding of the scale of this great technological revolution. Researchers from Harvard University and Bureau of Economic Analysis, show that by the early 21st century in the United States, the IT-using industries contributed substantially to US economic growth by replicating established IT innovation, investments leading to enormous financial commitments, and workforce put to the industry has largely contributed to its entirety. (Jorgenson, Ho, & Samuels. 2016, pg. 407). The societal commitment and recognition from governments and incorporate allowed information technology to become more dominant over time.
At that time working at an internet provider company, I also had the privilege to look through the history of incidents clients had with their network circuits. Network service outage due to weather and outage due to human mistakes were common reasons. As a Japanese company, they had a strict policy in finding the root cause of a particular incident and apply countermeasures over countermeasures. Everything was documented in details, but I have noticed that there wasn’t any documentation on cyber-attacks nor any effective measure was in place. I asked one of the technical operator managers I was working on this very concerning issue. Why are we so advanced in technology and there are still new loopholes that keep on coming up? He said the same thing as Dr. Howard E. Shrobe, a computer science professor at M.I.T that every computer technologies were “built with performance, not security, in mind” (Perlroth, 2014). As of how computers are generally made, programmers would have to measure security through their code and even one mistake can become a single point of failure. No one knew, at first, that the internet would evolve in such a way we have today and no one have imagined the side effects of this technological evolution. The fundamental issue with security continues to persist as technology evolve to build over it.
Complex Socio-Technological Era
After a couple of years working in Japan, I wanted to learn beyond the technology of the internet and more into computer science. I had decided to return back to California and I was able to find a job in San Francisco, as a system engineer. It was difficult at first but I was to catch up in my studying to be proficient in my position fairly early. I was also able to make friends at work as well and Facebook was a prominent way to communicate with friends and family at the time. I noticed something strange with my Facebook account, where I find unknown friends on my friend’s list and I was sharing posts that I never usually share. My account seemed to be hacked but a couple of my friends have also had the same exact issue. Not only computer hacking but publically allowing friend suggestion function of Facebook can lead users to expose their personal information, which can be randomly accessed by unknown Facebook users. (Jung, Walden, Johnson, & Sundar, 2017, pg. 1079) Allowing strangers to your view your Facebook can expose your personal life, location, birth date, and email address. Social networking can be a great vulnerability in a person’s private information and it can also affect other friends on your friend’s list to become a victim.
Social networking websites such as Facebook have their own disadvantage in the availability of shared private information and the trust in provided information from real friends. Hacker named Stanford Wallace, known as the ‘Spam King’, successfully sent 27 million spam messages to the more than 500,000 users over only three user sessions during four days. (Lewontin, 2016). Hacks like this can be carried out effectively in a surprisingly short amount of period. The damage that he may have cost can be a lot more catastrophic. Most of all, the majority of the people would not even notice that they have been a victim of identity theft and their personal information can be accessed without consent. Leaked email addresses and passwords can also be used on different websites, including banking and shopping websites, to see if anyone used the same credentials.
Over the years working as a system engineer, in order to understand the underlining vulnerability in computer systems, I have started to work more in software and programming. I have noticed this vast open source community that has shaped many of the recognized operating systems and applications today. Open source software has copyrights that allow anyone to use, read, revise, and distribute the software for any purpose. Free services were everywhere on the internet and many people enjoyed this freedom of open source software. Although like many things that are too good to be true, companies use them to collect personal information from users to sell to marketers and hackers uses them to set up a honey trap. John Costello, the president of global marketing and innovation at Dunklin Brand stated, “We’ve had companies offer to build our mobile app for free if they could have access to the data, and that was pretty enticing because it was a big investment. And we said no.” (Neff, 2015). Marketing companies buy user databases from many companies to see who is interested in what product. An organized list of emails for people buying certain products helps targeted sales in that certain area. We have come to this complex socio-technical era where personal information carries a real dollar value in a trade and at the same time many of us voluntary exposing them ourselves to the world.
Maintaining the Freedom
Recognizing the importance of personal information, there is a fundamental right to all people to use and have access to public information. Living in America, I had a lot of opportunities to talk to people around the world. I was able to compare the type of rights people have more or less using computer technology in different countries. Countries like China have taken a further step to set the line between the outside worlds at an early age, in a rather aggressive manner. Chinese population still do not have access to websites like Google or Facebook and have strict censorship against the outside world. As the article from the Oxford Analytica Daily Brief Service (2016) describes that the number one objective as a country would be national security and China aim to complete control and fully secure technology. Chinese government pushes to control the mainstream media and localize businesses. China has made the stakes higher for businesses outside the country, such as Uber which have left. Average Chinese citizen would only be able to access services and information locally inside their country.
Not many Chinese come favorable with the harsh regulation that is set to the internet, where it takes out the ‘openness’ of the internet. On the other hand in the United States, the Computer Fraud and Abuse Act were one of the few laws that protected the public from cybercrime. (Wolfe, 2015) There are laws that are put in place for computer security in the United States such as the Federal Information Security Management Act for securing government infrastructure, Health Insurance Portability and Accountability Act for stronger compliance for health care, and Gramm-Leach-Bliley Act for financial institutions. There are also laws signed to enforce corporates CEO to follow, such as the
Sarbanes-Oxley Act, however, they are not necessary for the customers and the general public but to protect the interest of investors in the company. (Thomson Reuters, 2018) In recent years, the United States government have funded billions of dollars in cybersecurity. Regulation and law enforcement is changing drastically. Although, we can never forget to protect the people’s right to use the internet freely. As the founder of Facebook, Mark Zuckerberg, in his 2015 post remarked, “If we ignored a lawful government order and then we were blocked, all of these people’s voices would be muted.” (Genser, 2014). Regulation is never the answer to anything. Security measurement such as setting higher compliances for handling personal information, education in cybersecurity, investing on robust infrastructure, and developing a more secure computer and software should be the way that we should fight against cybercrime.
Conclusion
There is a strong need today to develop an adequate policy and secure computer infrastructure to protect the general public from cybercrime. Countries like China have already set policies of their own however some of the aggressive policy disturbs the general freedom of human rights. Today many countries heavily rely on computer technology and are vulnerable to cyber-attack. Working as a system engineer, I see a great need for awareness to apply a fair and suitable solution to fight against cybercrime, protecting the openness of the internet. The security policy must be set but in a manner that encourages education in cybersecurity, upgrade to newly compliant systems, and develop a more robust computing technology.
References
CHINA: Cyber Strategy Will Have Global Impact. (2016). Oxford Analytica Daily Brief
Service Retrieved from https://csuglobal.idm.oclc.org/login?url=https://search-proquest-
com.csuglobal.idm.oclc.org/docview/1812484660?accountid=38569
Genser, J. (2014). What the United States Can Do to Protect Internet Freedom Around the
World. Retrieved from
states-can-do-to-protect-internet-freedom-around-the-world/?utm_term=.433ff80474c9
Jorgenson, Ho, & Samuels. (2016). The Impact of Information Technology on Postwar US
Economic Growth. Telecommunications Policy, 40(5), 398-411.
Jung, Walden, Johnson, & Sundar. (2017). Social networking in the aging context: Why older
adults use or avoid Facebook. Telematics and Informatics, 34(7), 1071-1080.
Lewontin, M. (2016). Why Self-Proclaimed ‘Spam King’ Got 30 Months in Prison for
Facebook Hack. The Christian Science Monitor, p. The Christian Science Monitor, June 16,
2016.
Neff, J. (2015). As Data Grows More Valuable, Marketers Seek New Ways to Secure It.
Advertising Age, 86(20), 0018.
Perlroth, N. (2014). Reinventing the Internet to Make it Safer. Retrieved from
Thomson Reuters. (2018) What is the Sarbanes-Oxley Act. Retrieved from
http://consumer.findlaw.com/securities-law/what-is-the-sarbanes-oxley-act.html
Wolfe, N. (2015). Hacking the Anti-Hacking Statute: Using the Computer Fraud and Abuse Act
to Secure Public Data Exclusivity. Northwestern Journal of Technology and Intellectual
Property, 13(3), 301-315.
