Hacks and data breaches happen all the time. It’s unfortunate, but it’s a reality that everyone—from businesses large and small all the way down to little ol’ me—must confront. That said, as we near the end of 2014, a few breaches in particular have stuck out to me, not necessarily because of the scale or means by which the attacks occurred but by how the stolen data was used. One is still amidst a headline-grabbing maelstrom, as every current and former Sony Entertainment employee very well knows. Another, known to some as “celebgate,” essentially affected and definitely violated female celebrities, while yet another attempted to destroy the Sands Casino empire because of comments made by its majority shareholder.
Of course, this time last year, Target and all its customers were reeling after its massive data breach. We saw other huge breaches this year, where the motivation was to steal data primarily for financial gain—Home Depot, Michaels, Staples, Neiman Marcus—to name just a few.
But the Sony, celebrity and Sands hacks are much different.
The data stolen in each incident was not used for financial gain but to exercise power, destruction and revenge over others. The famous women were victims of viciously immoral Peeping Toms in the same vein as jealous ex-spouses who take it upon themselves to share intimate photos of women who often simply committed the crime of not liking them very much with the digital world at large.
It didn’t help that the media was all over “celebgate.” And of course people flocked to reddit and 4chan forums to take a peek at the stolen images themselves. Ultimately, the press coverage and the curiosity of millions of Internet users fed into the crime. Actress and victim Jennifer Lawrence rightly pointed out that those who viewed the stolen photos were complicit in the crime.
The Sony Pictures Entertainment hack has a similar, train-wreck, disgusting feel to it, but instead of leaked nude photos, it’s company emails, budgets and salaries and other less significant, internal squabbling.
True, some reports have focused on relevant news, such as alleged institutionalized sexism and racism. But there have been gobs of much less relevant “reporting” that’s fit for gossip columns, not material for leading news publishers.
With Sony, however, it’s of a much more vast scale. Caught up in this crime are some 47,000 current and former employees, including celebrities, whose sensitive personal information is exposed for all online to see. True, these aren’t nude photos, but these are intimate things nonetheless, and the incident is leaving an entire business reeling.
As a result of some of the more questionable reporting, we’re seeing headlines and stories about Angelina Jolie being called names, and how much Seth Rogan and James Franco were paid to drive themselves to work. If so many publications are publishing such sensitive, albeit tabloid-level “news,” are we complicit in the crime by clicking on the stories?
Yes, we are complicit. Stop fooling yourself.
And what about the chill-factor these disclosures have on how we communicate at work? After seeing BuzzFeed’s coverage of leaked Sony emails, my colleague Angelique commented, “makes you never want to send an email again that says anything but ‘you’re a precious flower.’” Must we as professionals reassess how we communicate electronically? Doesn’t that make us fundamentally dishonest?
Though it’s still unclear whether it was some North Korean faction that is responsible for the Sony hack, it is clear who was behind another major, but perhaps less known, hack, that of Sands Casinos. Bloomberg has published an in-depth and fascinating report on how Iranian hackers breached the world’s largest gaming company—worth around $27.4 billion—not, as you may suspect, for Ocean’s Eleven-style money but to destroy it and its head executive, Sheldon Adelson, allegedly for comments he made about detonating a nuclear bomb in Iran.
And unlike the alleged lax data security culture throughout Sony Pictures and the lack of basic consumer security best practice, Sands has some of the best digital and physical security in the world. For example, Sands spent $3.3 million on personal security guards for Adelson and his family in the past year alone, not to mention the financial motivation it has to protect its assets against cheaters.
We are at the early stages of a cyberwar era, one in which information will be used against individuals, private institutions and government infrastructures in new, nefarious and devastating fashions. Of course, strong information security and a legion of privacy professionals will be paramount, and a massive antidote to these hacks and disclosures, but there’s also a cultural realization we all need to come to: Consuming stolen data—whether trade secrets, Social Security numbers or nude photos—only makes the situation worse.
More sensitive information will be leaked. More people will get humiliated. And more businesses will likely face the existential challenges seen by Sony Pictures Entertainment and Sands Casinos. But if publishers propagate gossip-level leaks and readers continue to feed into it, we are only providing motivation and value to those who leak such data and to the very story itself. Shouldn’t we, instead, hone our appreciation for the “right to be forgiven?”
In addition to bolstering privacy and security teams in the public and private world, we must also think about the information we consume and how, if we’re smart about it and don’t click on and buy into its egregious uses, we could possibly devalue and undermine the motivation for much of this data humiliation.
That would give everyone more time to focus on the important stuff, like security, justice and our right to be human.
Top image taken from NBC's Saturday Night Live.
If you want to comment on this post, you need to login.