November 24th, 2015 by admin
Earlier this year, the U.S. government revealed a massive cyber security breach which may well bump the infamous Target and Sony attacks down to "small potatoes." The database of the Office of Personnel Management (OPM)—essentially a central HR department for most federal agencies—was hacked multiple times over several months, exposing the personal records of 21.5 million individuals. Current and former federal employees, job applicants, and contractors who had undergone various levels of security background checks represented most of the victims. The suspected culprits of the attack are the Chinese, in the midst of an ongoing "cyber cold war" with America.
Most of this stolen data includes the usual personally identifiable information—addresses, birth dates, Social Security numbers, and more—routinely trafficked on the international black market, or "dark web." But a couple months back, the OPM dropped the other shoe: Also compromised were 5.6 million digitally stored fingerprints, dating back to 2000.
Fingerprints are at the core of modern biometric authorization.
If you've bought the latest smartphone, you know it scans your thumb to unlock. At least one large health club chain has eliminated barcoded membership cards in favor of electronic fingerprint scanners. If Microsoft had their way, they'd entirely replace your computer's passwords with biometrics—though the necessary 3D camera/scanner hardware may be slow to market.
Biometrics may still be in its infancy today, but how common will it be tomorrow? Besides logging in to your personal devices, will it become the preferred login option for secured email accounts, online banking transactions, medical records, or other sensitive data? One thing's for certain: Legions of hackers around the world are obsessed with cracking the latest cyber security measures right now.
Sooner or later, everything becomes vulnerable.
If you've discovered you're the victim of identity theft, most of the damage can be fixed. A compromised password can be changed in minutes. A new credit card number is a phone call away. At worst, you can go through the painstaking process of wiping fraud from your credit reports.
But it's biologically impossible to get new fingerprints—the fingertips you were born with are yours for life! Whether they were stolen last week or 20 years ago, once a victim's electronic fingerprint records fall into the wrong hands, they can never really be "un-stolen."
We can draw two takeaways from the OPM breach:
- As we've discussed, America's cyber security still lags far behind hostile threats—from hackers and cyber crooks to perhaps even adversarial governments. As in the Wild West, it's ultimately up to you to protect yourself.
- At first glance, biometrics offer the ultimate personal security. But unless we're assured they will be 101% hack-proof, they may actually go the way of QR codes—a neat idea that just doesn't catch on in the real world.
For more information on how you can protect yourself personally and professionally, get in touch with us today.
Posted in: Cyber and Data Security,