What Facebook’s Hack Can Teach Us About Cybersecurity
In a colossal data breach about a week ago, the personal data of more than half a billion Facebook Inc. users appeared on an online hacking forum. The records contain personal information for more than 32 million accounts in the US, 11 million in the UK, and 6 million in India, according to Along Gal, CTO of cyber intelligence firm Hudson Rock.
The breach is a reminder of Facebook’s ability to collect troves of personal information on its users, as well as the challenges it faces in securing such sensitive data. The incident is a reminder of Facebook’s tumultuous history when it comes to data privacy.
Another hack of the company dating back to 2018 was at the time the largest in the company’s 14-year history. For this incident, attackers exploited a feature in Facebook’s code that allowed them to gain access to over 50 million user accounts with the potential to control them.
At the time lawmakers suggested that the government may need to step in if the social network was unable to get better control of its data security. In July 2019 Facebook was hit with a fine of $5 billion by the US Federal Trade Commission (FTC) for data privacy violations.
Fast forward to 2021, and Saturday’s leak may now go down in Facebook’s history as a turning point for the company, with lawmakers looking to renew calls for tighter regulation of the tech giant once more.
The latest leak reportedly includes the personal information of 533 million users, including phone numbers, IDs, names, locations, birth dates, bios, and in some cases even email addresses.
The information was made widely accessible for free to anyone with entry-level data skills. One Twitter user even pointed out that the way the data was sorted and posted made it far more easily accessible for online criminals to exploit.
A Facebook spokesperson said in an email statement, “This is old data that was previously reported on in 2019. We found and fixed this issue in August 2019.”
Although the data set is from 2019, it could still be of high value to hackers and cybercriminals who engage in identity theft schemes. Additionally, the reputational impact of a hack like this may be far more costly to Facebook than the potential threat it poses to its users.
In the long run data leaks like these threaten to undermine Facebook’s business model, which is based on gathering large amounts of personal information on its users. This data is then sold to companies looking to buy targeted ad space.
Without the trust of their users to collect and protect this sensitive data, Facebook Inc. will be taking a big hit to its brand’s reputation in the public eye, as well as the trust of its shareholders.
With nearly 19% of the social media giant’s 2.8 billion user profiles compromised on Saturday, the incident may be a wake-up call for the tech giant to do far more to protect its most sensitive assets.
Countless security experts have raised concerns over the years about the efficacy of existing security protocols in place at social media companies. As a whole, big tech platforms are struggling with securing the personal information of their users, and more generally protecting more sensitive information and applications.
Numerous security solutions and security patches signal an apparent losing battle to stay up with the increasingly sophisticated hacking attempts. This is all before the surge in information, access points, and automation expected from 5G, IoT, edge computing and AI even reach peak global adoption.
Over the coming years, information flows are only expected to increase as 5G networks, and AI-controlled applications make points of control increasingly exposed. As far as the growing ubiquity of this technology, the question remains: if big tech can't keep pace today, what will cybersecurity policies look like when trillions of IoT devices are connected online?
For some, the writing is on the wall. The pace of hacking incidents such as Facebook's most recent hack will only continue to increase requiring high-performance computing technology to protect their most vulnerable endpoints.
The best of emerging computing platforms pull it all together under a new security paradigm. Whether they’re called confidential computing or zero-trust, these security processes will become essential to protecting our most sensitive data and applications.