Very recently, the private and personal information of nearly 50 million Turkish citizens was hacked and released for the world to see. The hacked data, which is available for download on a website, even includes the data of Turkey's current president, Receip Tayyip Erdogan. On the website are political messages that are anti-Erdogan and anti-Trump. The article on this comes from the Telegraph written by Robert Tait.
The hackers claim they were able to break into the database because of Turkey's weak cyber-security. A statement on the website reads, "who would have imagined that backwards ideologies, cronyism and rising religious extremism in Turkey would lead to a crumbling and vulnerable technical infrastructure" (Tait). In my mind, this highlights the dangers of highly bureaucratic government where things are overlooked and not taken into consideration. Although innovation and technology helps governments run more efficiently, human beings are the ones who are running these technologies and ultimately the government. There is always a more than likely potential for mistakes to occur in the implementation of these technologies as well as things just simply being overlooked or not taken into consideration.
The fact that hackers were also able to obtain highly personal information on the Turkish president as well as other high ranking government officials in the Turkish government shows just how little consideration the designers of this database gave to the security of not only ordinary Turkish citizens' privacy, but especially the security of government officials' and even the president's privacy. The information of high ranking government officials at the very least should be in a much more secure and restricted database. The hackers stated in a bullet-point list the security faults of Turkey's database saying, "Lessons to learn for Turkey:Bit shifting isn't encryption.; Index your database. We had to fix your sloppy DB work.; Putting a hardcoded password on the UI hardly does anything for security" (Tait). This just proves that the designers of the database did a sloppy job and did not give any thought to the gravity of the potential threats facing the database.
It's also alarming that the hackers were able to so easily post the highly personal information of nearly 50 million people on an online website that is still up and running right at this very moment (http://185.100.87.84/) and not have it taken down by the authorities or anyone. They are powerless to stop the hackers from distributing the information to anyone in the world with a computer and an internet connection.
I think this article overlooked the fact that this could have been prevented and that it is the fault of the Turkish government that this even happened. Based on the statements on the security of the database that the hackers made, it seems like this breach could have all been very easily avoided if the database designers and Turkish government authorities took secruity seriously and used methods to secure the database on par with that of a national government database.
Article: http://www.telegraph.co.uk/news/2016/04/04/personal-details-of-50-million-turkish-citizens-leaked-online-ha/
This leak of private information from Turkish politicians brings to light the very serious issue of having poor security on big data. When we talk about privacy issues concerning big data is seems too often that we are discussing the entities that are trying to get our information and not the actual people and technologies that are set up to protect our data. Most everyone in some form or another has information on the internet. Information such as credit cards, social security and far too often we find ourselves plugging this crucial and private information on the internet without a second thought as to how this information is being protected. This instance in Turkey should be a stern reminder to any company or government that values the data that they protect to increase its security significantly.
ReplyDelete