Aside from health and money, the most important element for people is their data. It is essentially their identity in today’s online world. It shows where we live, our family, our health details, practically everything that makes you who you are is held in data.
It is the importance of data that makes it so imperative that data custodians do their utmost to protect it, because if it falls into the wrong hands it can have a huge amount of damage.
The week that I am writing this has seen one of the highest profile data leaks ever from the World Anti-Doping Agency (WADA). Early reports suggest that the hacking group, Fancy Bears, who are responsible for the attacks, have Russian links and the attacks may be in response to accusations of state funded doping in the country. However, regardless of who is responsible, the fact is that sensitive medical information has been lost.
Unfortunately, the attack wasn’t even particularly sophisticated, using a Whaling, or Spear Phishing, attack to get access to the database of athlete results and potentially their medical history. It is a massive breach, not only technologically but also in terms of trust. WADA needs to be one of the most trusted and secure organizations in the world because their findings and testing impacts the reputations of people looked up to by billions of people around the world.
A phishing attack is basic, it is essentially tricking somebody into giving you their password to something, they can sometimes be complex but with some basic training are simple to prevent. It is essentially showing the main weakness in all data security in the world is still humans.
It is also something that there is no way around because we have data in order to access it and utilize it. It is the one part of the process that is always necessary and yet it is the same part of the process that is also the most vulnerable.