The internet has always been a fragile place for cyber-security. With systems breached from their tiniest weakness, privacy concerns are affecting and aiming for everyone with accounts on the internet.
Many companies and corporations that collect sensitive data do not have proper security protocols put into place, which may compromise personal information. Small and medium sized were once common targets for online attacks. Now the online threats are taking the vulnerability of high-profiles.
The attack on Twitter is the latest in a string of high-profile security breaches on U.S. technology and media companies. Both the Wall Street Journal and the New York Times have had their sites hacked in the last two weeks. To minimize the risk, Apple and Mozilla have turned off Java in their browsers by default.
Twitter: a Quarter Million Breached
In February 1, 2013, a quarter of a million Twitter users have had their accounts hacked in the latest in a string of high-profile security breaches at internet firms. Anonymous hackers may have been able to gain access to around 250,000 accounts on the social networking site, including usernames, email addresses and passwords.
Twitter announced on Friday it had detected unusual access patterns across the network and had identified unauthorized attempts to access user data that had led to accounts being compromised. The microblogging site discovered one live attack and able to shut it down several minutes later. But not fast enough to prevent the hackers to gain access to thousands of accounts.
Bob Lord, Twitter's director of information security, said the attack was "not the work of amateurs" and the company did not believe it was an isolated incident.
"Our investigation has thus far indicated that the attackers may have had access to limited user information - usernames, email addresses, session tokens and encrypted/salted versions of passwords - for approximately 250,000 users," Lord said. "As a precautionary security measure, we have reset passwords and revoked session tokens for these accounts." The company also sent an email to affected users informing them that their old password was no longer valid and that they would need to create a new one.
The attackers were sophisticated. The social network known for its 140-character messages, could not speculate on the origin of the attacks as its investigation was ongoing, said spokesman Jim Prosser.
The attack is not the first time that hackers have breached Twitter's systems and gained access to Twitter user information. Twitter signed a consent decree with the Federal Trade Commission in 2010, subjecting the company to 10 years of independent privacy reviews, for failing to safeguard users' personal information.
The Journal and The Times: Hack of China
In January 31, 2013, a day before Twitter announcement, Wall Street Journal said that its computer systems have been infiltrated by Chinese hackers who were trying to monitor the newspaper's coverage of China. Chinese hackers were said to repeatedly penetrate its computer systems and stole reporters' passwords.
The Journal has extensive China coverage, including a whole section called China in Transition. It also has a blog, China Realtime Report, which focuses on local issues. Other reports have also noted that The Associated Press and Bloomberg may received similar threats in recent years.
Meanwhile, The New York Times said that the hackers were hunting for files on an investigation into wealth amassed by the family of a top Chinese leader. The Journal didn't address how the hacking of its systems occurred, but it said it has faced such threats from China in recent years. It says the hacking was not an attempt to "gain commercial advantage or to misappropriate customer information."
The attacks, which began in September, coincided with a Times investigation into how the relatives and family of Premier Wen Jiabao built a fortune worth over $2 billion. The report, which was posted online in October last year, embarrassed the Communist Party leadership, coming ahead of a fraught transition to new leaders and exposing deep-seated favoritism at a time when many Chinese are upset about a wealth gap.
Over the months of cyber-incursions, the hackers eventually lifted the computer passwords of all Times employees and used them to get into 53 personal computers of its employees.
Security experts hired to investigate, traced the breach and found that the attacks used tactics similar to ones used in previous hacking incidents traced to China. It said the hackers routed the attacks through computers at U.S. universities, installed a strain of malicious software, or malware, associated with Chinese hackers and initiated the attacks from Chinese university computers previously used by the Chinese military to attack U.S. military contractors.
Behind the Euphoria
Given the vulnerability of these high-profile targets, anything that is put online, is at risk of privacy concerns. Although the user is browsing with a secured and safe connection, the problem is not caused by the user, but by the service provider where their privacy is entrusted. This can make ordinary users see their digital euphoria replaced with a growing fear
When it comes to fighting and preventing online criminality, attempted solution can look as harmful as the disease itself. And it's this emotional disengagement that is perhaps the biggest obstacle of all to individual safety online.
As more and more of value in people's lives migrates online, and more information is distributed and shared throughout the internet, restoring the harmony between freedom of digital action and freedom from exploitation by others is only going to get more difficult.
A system is only as strong as its weakest component, and many users still leave at least one window opened in their online account. And nobody bothers to close an opened window they don't know in a house that isn't theirs. For all of us, that needs to change.