Confidential personal and financial information can be a valuable asset for criminals — these can be used to steal identities, money, data, and more. The vulnerability of centralized financial institutions has led to a reduced trust in favor of decentralized systems. This is evident with the rise of blockchain and cryptocurrencies.
Service providers with centrally-governed infrastructures cannot guarantee safe storage of confidential information. We often see bugs in security solutions that compromise clients’ personal and financial data.
Sometimes, the human factor is the weakest link. Bank or company employees can become victims of phishing or social engineering schemes, and thus inadvertently grant system access to hackers. Many cases of massive fraud have been perpetrated by insiders — clerks, contractors, developers, and other such persons — who might purposely introduce malicious code into the system with the intent of gaining illegal access.
Some examples of data theft:
● In 2017 details of all the American clients of OneLogin, a centralized provider of identification and access control, were compromised by criminals due to a bug in the security system.
● According to the report of Norton Cyber Security, in 2017 cybercriminals hacked $172 billion from the accounts of more that 978 million users in 20 countries.
● In September 2017, Singapore middle school Ximin confirmed a data leakage wherein personal data of students had been rendered public and placed on a file hosting service.
The existing systems for access control are extremely unhandy and too complex to use. 8+ digit passwords, which are supposed to be unique, as well as two-factor authentication are not only boring − they do not protect against hackers.
Security expert Bruce Schneier says that security measures such as passwords and 2FA are not sustainable:
I foresee that banks and other financial institutions will spend millions of dollars to increase safety of their clients with the help of two-factor authentication. Initially the first users of this technology will appreciate a significant decrease in fraud, as the cybercriminals will pass to easier targets. After some time the number of attacks and theft will return their initial indicator.
Besides the problem of data security, there is another issue in play: Currently, user data is completely in the hands of companies and huge enterprises.
The user information is not controlled by its owner. It thus can be used by any organization. Google, Facebook, Apple and Amazon control personal information of their users. Big, medium and small companies track user activity both online and offline — for example, companies can use geofencing to gather Big Data for commercial purposes.
Thus, conspiracy theories — “Big Brother is watching you” — have become a fable among the people. Our information does not belong to us anymore. It belongs to companies, which control it and do whatever they want with it. These are banks, insurance companies, social entities, supermarkets, web services, and other bodies whom you consciously or unconsciously share your personal information with and who have control over such information.
What’s more concerning is that they earn money by selling your data or using your data to sell advertising. We, the users, have become the product!
Join us: https://telegram.me/itrueio
