I recently attended an event where the speaker was a personal hacker. It was a little surprising, at first, as the person didn’t look like your stereotypical hacker. Again, reminding me to never judge a book by its cover. Then again, what does a hacker look like?
But as she started her talk it was evident she really knew her stuff. In fact, many people from the audience had mentioned to her how she had scared them a little. Which leads me on nicely to my point of protecting your data self.
The speaker in question was Jenny Radcliffe. Quite simply, she asked us all if we were truly aware of how easy our data could be obtained. She gave us an example of how – if wanted or asked – she could get our data.
Social media is now one of the easiest targets for hackers. We’ve become a society of oversharers. If it’s your friends’ birthday, we post. We go out for a nice meal, we check in to the restaurant. Feeling unwell or not too shabby, we share a status. BINGO!
Through all these various tagging scenarios, it gives anyone the chance to get to know your activities, day-to-day whereabouts and a lot of information about your likes and dislikes. First thing to do is to privatise your profiles. You need to proactively control your privacy against your own data. Read those terms and conditions – although they’re in small writing, they’re the most important to understand.
Whilst thinking of this scenario above you may think, “how could they get anything?”. Well, Jenny proceeded to explain that if she wanted to get more data or information, all that needed to happen was for her to dig a little deeper, become a friend or access your details elsewhere. If she notices that you had “checked-in” or visited the vets, she would go to there. Jenny also mentioned how amazing it was of how much people voluntarily share when you’re wearing a high vis jacket and hold a clipboard. At this point, I was gobsmacked.
Is it really that simple? Pretty much, yes. As Jenny explains using this scenario…
File accessed once on the premises, email address obtained. Send email from fake vet’s email address to person. State they have an outstanding bill, all the hacker needs is the email to be opened. Once this is done they’re in, GAME OVER!
It’s probably not a true justice to the whole process, but a mere snap shot of how easy information can be obtained. What did strike a chord, for me, was the fact of looking after our “data self”.
A great play on this is the new Experian advert with two identical characters.
"File accessed once on the premises, email address obtained. Send email from fake vet’s email address to person. State they have an outstanding bill, all the hacker needs is the email to be opened. Once this is done they’re in, GAME OVER!"
As discussed before, in a previous blog, regarding the Cambridge Analytica data breach, do you ever really know what you’re agreeing to? Recently, I read an article about the idea of ‘self-sovereign identity’ which has already been developed. This concept has the potential to revolutionise data security. Adding to this is – of course – blockchain.
(You can read the article here)
The key to all of this is that we have all been rather naive when it comes to our data. Realistically, who reads the T&Cs? But also, subconsciously, we’ve all become sharers and, truthfully, this needs to be contained, especially if we don’t want to become a potential target.
Since hearing from Jenny Radcliffe, the first thing I did was get onto my privacy settings for all apps and social channels. Fingers crossed I’ve now protected my data self now.
By Ryan Curtis-Johnson - Head of PR and Marketing