Yahoo! recently announced that in 2014 more than 500 million of its user accounts were stolen, but Yahoo! didn’t catch this cybersecurity breach until 2016, two years after the information was taken.
In 2015 Ashley Madison, a popular dating website, was hacked and the identity of many of its users were released to the public.
In July of 2016 emails belonging to Democratic National Committee members were leaked and on Oct. 7 the U.S. government officially accused Russia of leaking the information.
The need for a stronger and more advanced cyber security can no longer be ignored as technology grows more advanced.
“Due to the Internet, our society heavily relies on network-centric cyber infrastructures. Any security flaws will cause significant impact and consequences would be tremendous,” said Gail-Joon Ahn, director at the Center for Cybersecurity and Digital Forensics at Arizona State University.
Today it is normal for a person to own multiple personal electronic devices, each protected with the same password or fingerprint. These devices carry important information such as health history, bank account number, contact information, etc.
When all your passwords are the same it becomes much easier for someone to steal all your information from across different devices. Not enough is being done to secure these devices, not because of lack of security measures, but because of convenience.
“I don’t do anything to protect myself from cyber-attacks. I rely on others to do it for me because it sounds too complicated to spend hundreds of dollars on additional protection and I don’t feel like going out of my way for it. If there’s an issue with the bank, my credit card company will call me. If there’s an issue with someone logging into my Facebook, my account will tell me. I’m very apathetic and removed from the process,” said Gia Marucci a junior majoring in political science at ASU.
When users do not want to remember multiple hard-to-recollect passwords, what measures should be taken to ensure that personal information stays personal?
“If their password is weak it means their passwords are crackable. However, more important issue would be poor design of authentication system that did not check authenticity of users,” Ahn said. “We need to adopt strong authentication with multiple factors since authentication is the 1st gateway for all.”
But not everyone agrees that inserting extra authentication measures to access devices like a cell phone or a bank account should be implemented.
“I do not feel like my passwords are strong enough because I will use the same ones for everything. I wouldn’t be able to remember all my personal and business passwords if I had a different one for everything,” said Alejandra Escanuela an ASU alumna who majored in social work.
The future of cyber security is not with how strong and forgetful of a password you can create, but with the convenience and ease of remembering it.
“It’s time to consider users’ preference and usage patterns in designing security technologies. That’s why ‘usable and effective security’ is one of important areas that has received considerable attention,” Ahn said.