CONTRIBUTED by Michael Klotsman, Edited by Byawoman

There is an apt quote that reflects a very crucial point every person would benefit greatly from internalising and understanding. As we embark on the subject of cyber security, I leave you the quote to under-lace with the discussion. It has been expressed numerous times by many prominent figures throughout history, but the following excerpt is translated from the decrees written by the French National Convention, during the French Revolution in 1793:

“They must consider that great responsibility follows inseparably from great power”

Cyber security is a complicated subject because it reflects some key paradigms between how human beings and technology interact. A few interesting factors to keep in mind while considering the subject matter of cyber security are:

1. Practically every nation on earth is currently interconnected and interdependent on computer technology infrastructures for society to function and expand. This is ever-present in every facet of product and service creation/deployment for virtually all core departments of data archival and transactions of communication, commerce and governance in existence.

2. This technological dependency will only rise exponentially and expand in ways that we can reasonably predict, and beyond that … we simply cannot fathom.

3. Computers, from inception until now, are inherently as dumb as bricks. They possess no degree of (independent) intelligence and are compelled to follow whatever logic/instructions are fed to them and executed via the scope/synergy between the respective hardware (physical) and software (digital).

4. All (computer) technologies are created by human beings. As a result, they are indefinitely going to be compromised by fellow human beings. Ultimately, this means that there is no perfect, impenetrable computer system that has been created from their inception up to this point (and most likely moving forward, assuming AI (Artificial Intelligence) is managed considerately).

5. Humanity functions off established physical, intellectual and emotional value systems; for better or worse. All technologies, beyond the interest and satisfaction of discovery and creation, are influenced and representative of these value systems.

So what is cyber security?

It refers to the preventative measures taken to protect the integrity of computer networks, programs and data from attack, damage or unauthorised access. This practice is invoked by & towards the design of hardware/software and inspired in response to new, (un)discovered vulnerabilities. Established catch phrases in this arena include social engineering, hackers, cyber threats, cyber terrorism, cyber espionage and even cyber warfare.

Although this is an understandable, predictable and sterile definition, cyber security represents technical and human hurdles implied and involved.

Most users of computer technology, whether for personal or professional purposes, tend to engage with computer products that are designed to accomplish a desired goal while being as easy and intuitive to use as possible. If it’s functional and dependable, it becomes adopted by more users. The standardisation, which forms from this consensus, influences the expectations of how future adjustments and developments propel technology (whether technical, social or political). However, this has formed dependencies on established forces that don’t (or only partially) adhere to respecting human rights for security and privacy.

The functions of what computers facilitate must be protected from undesired observation, influence and interference. No one wants to have sensitive data about their personal life, operations, contacts, contracts and dealings – which they have not voluntarily provided – with internal or external parties, up for grabs to a few or the many. Whether it stems from the legitimate right of freedom and space (as long as it respects reasonable local and global code of conduct) or insecurity due to a sense of judgment/competition or even personal wrongdoing.

The act of arbitrarily ignoring these fundamental rights defines the core premise and drive of cyber security.

Therefore, is cyber security something to keenly worry about? To answer this question, it is essential to keep the following in mind:

1. Individuals and institutions around the world, including governments and corporations, are engaged in cybercrimes with one another. Political history and climate aside, this is happening at this very moment. This includes hacking politicians personal accounts, robbing banks, tampering with voting systems and creating viruses to disable indispensable and volatile infrastructures (i.e. Stuxnet virus that the American NSA co-created, alongside the CIA and Israeli intelligence, to disable nuclear power plants in Iran). The list goes on, unfortunately.

On the subject of disrupting infrastructures, interruptions can be caused to traffic systems, security monitors, hospital systems, water supply and electricity supply. In essence, the options are as many as the number of infrastructures being controlled by a digital system. Most importantly, this will only escalate as time passes.

2. Institutions that currently have the majority market share of the populations digital portals (hardware and software) are intent on garnering as much information from their users as they possibly can. In principle, one can argue that this is not inherently bad. If the data is dealt with responsibly, it can actually be beneficial. However, this is assuming that the bodies in these positions are trust worthy, sensible and open in sharing how they retrieve and process this data. Unfortunately, among the big players, there is a negligible number of them that do not do so openly and/or properly.

The biggest computer hardware and software engineers/manufacturers do not share the entire design specifications and blueprints of their hardware and/or software thus no one outside of them can audit and understand the extent of their designs. As much as it can be reasoned that they are entitled to protect their intellectual property from competition or for security precautions, this introduces major vulnerabilities that function as back doors, which are often abused to bypass the standard and expected security measures.

The sad truth is that, as long as capitalism and the associated sociopolitical values exist as they currently are, there will always be reasoning and supporting laws to allow hardware and software manufacturers to conceal their intellectual property. This is a major vulnerability to the safety and security of most digital platforms.

The disconcerting facet is that many companies have collaborated, whether directly or indirectly, to perpetuate this ideology and benefit from using these back doors to gain some degree of direct access to transactional data, also known as metadata.

Example: You want to send an email. You open Gmail, type your email out and send it to the intended recipient.
The contents of the email itself is the core/direct data. The metadata is the address you sent the email to, the time you sent it, the recipients email address and any other CC’d addresses. This is what Google collects.

Then you need to add the ISP to the mix (internet service provider) and the data they collect. They have a record of all internet transactions you make: The IP address assigned to your internet connection and even the IP address of the device you wrote the email from, the time you opened Gmail, the time when the email was sent. Whether it’s Google, Facebook, WhatsApp, Twitter, Instagram or other programs/websites, these type of data sets are collected.

Concerning metadata, it’s innately harmless on its own and it does sincerely assist in coordinating all the transactions and functions the internet and respective programs/sites facilitate. However, when this information is amassed from all the online sources a person interacts with, you can start to build a profile of a person, and, for all intent and purpose, provide a basis for tracking and spying on them (the PRISM surveillance program is a prime example of this).

Fortunately, with the advent and mass adoption of encryption – process of encoding the data in a way that only authorised users can read/access the information – accessing direct data is more complex to get around (except for companies that store and comply in handing over such data when legally requested or otherwise) but not impossible.

Metadata is a seemingly harmless but powerful portion of information that, I believe, is sincerely understated and overlooked by most. Of course, we have our garden variety of harmful programs that are a major pain and cause for concern (which we’ll address in this #byawomantechmonth series) but tracking & spying are among the most dangerous.

The next technological innovation, that’s just around the corner, is what’s coined as IoT (Internet of Things). You may or may not have heard of this but this is it in a simple, relatable nutshell: imagine every consumer and industrial device, whether it be the T.V, microwave, fridge, oven, watch, clothing, security systems, light fixtures/bulbs, tooth brush, coffee maker and beyond, all embedded with a computer that connects to the internet, transmitting information over and between one another. The scale of this is mind boggling. Of course, this will lead to larger, more complex systems. Leave aside the cost and logistics of creation, deployment and sustainability. What about the security behind this?

How bad can it get if this ecosystem gets hacked? What if crucial services are severely disrupted? With the substantial amount of personally identifiable metadata being transmitted and collected, what does this mean for human space and privacy? Is the culture of modern human society mature and responsible enough to understand and sensibly deal with this?

So to answer the question if cyber security should be taken seriously, 
It certainly should!

“As part of the human race, I am fascinated with the nature of existence and human behaviour. Technology, which is also fascinating, is the field I currently practice in as an independent IT consultant & technician.” 

Michael Klotsman

*views expressed are the author’s own

Byawoman is dedicated to inspiring and enriching our lives through the stories we share as we navigate this life. Is there a story I can help you put together and share? Would love to hear from you.

Check out Byawoman.lifeandliving on Instagram for a daily dose of motivation.