Internet Research Project 🍰

Privacy Risks in Data Collection & Storage 🌸

As businesses increasingly rely on digital systems to store and manage sensitive information, ensuring data security has become a critical concern. Organizations handle user data through cloud databases. These range from personal-use systems with smaller storage limits to enterprise-grade solutions designed for businesses. While these databases offer efficiency and scalability, they also introduce potential vulnerabilities that cybercriminals can exploit. Data breaches, malware attacks, and unauthorized access remain significant threats, making it essential for companies to implement comprehensive security measures to safeguard user information.

To protect stored data, large companies deploy multiple security strategies to prevent breaches and unauthorized access. Basic protections include two-factor authentication, firewalls, and antimalware software, which serve as the first line of defense against cyber threats. More advanced security measures, such as Trusted Platform Module capabilities and Zero Trust architecture, add extra layers of protection by requiring continuous verification of users and devices. Organizations also use Data Loss Prevention tools like Endpoint Protector to scan networks for sensitive data and either encrypt or delete it if found in unauthorized locations. Additionally, businesses enforce strict policies on data transfers, ensuring that sensitive information cannot be moved outside company-approved devices.

Insider threats pose a risk, as employees with privileged access can unintentionally or deliberately compromise data security. For example, in April 2022, a former employee downloaded the personal data of users of Cash App. After being fired, the employee stole and may have leaked the following information about Cash App’s customers: full names, brokerage portfolio values, brokerage portfolio holdings, and Stock trading activity.

Misuse & Protection of Computing Resources 🍰

Computing resources are subjected to various forms of misuse, which can compromise system integrity and data security. The most common examples include unauthorized file copying, downloading unapproved software or media, and installing rogue remote access programs. Such activities can introduce malware into an organization's network, leading to data breaches or disruptions in the system. Additionally, personal use of company resources, such as excessive web surfing, personal emailing, or media streaming, can degrade network performance and expose systems to security risks.

A notable event of misuse occurred in 2021 when an employee at Okta installed unauthorized software on the company's network. This action inadvertently introduced malware, resulting in a significant data breach that compromised sensitive customer information and led to substantial financial and reputational damage.

To protect systems and networks from such exploitation, organizations should implement comprehensive security strategies. Key measures include enforcing strong password policies, regularly updating and patching software to address vulnerabilities, and installing reputable antivirus solutions to detect and prevent malware infections. Making use of firewalls can help block unauthorized access, and monitoring network traffic can identify suspicious activities promptly. Additionally, establishing and enforcing clear security policies ensures that all users understand acceptable use protocols and the importance of adhering to them.

Unauthorized Access to Information 🌸

Hackers and actors use various techniques to gain unauthorized access to sensitive information, often targeting vulnerabilities in security systems. One common method is phishing, where attackers deceive individuals into providing login credentials or personal data by pretending to be a trustworthy source, such as a bank or an employer. Phishing emails often contain harmful links or attachments that, when clicked, install malware or direct users to fake login pages designed to steal their information. Other techniques include exploiting weak passwords, using brute force attacks to crack login credentials, or leveraging unpatched software vulnerabilities to infiltrate company databases. Once inside, hackers can steal, manipulate, or sell sensitive data, causing significant financial and reputational damage to organizations.

To prevent unauthorized access, businesses and individuals must implement strong cybersecurity measures. Basic protections include firewalls, antivirus software, and two-factor authentication, which adds an extra layer of security by requiring a secondary verification step. More advanced strategies, such as endpoint security systems and network monitoring tools, help detect suspicious activity and block unauthorized access attempts. Companies should also conduct regular cybersecurity training for employees to educate them on recognizing phishing attempts and avoiding risky online behaviors. Data encryption further protects sensitive information by making it unreadable to anyone without the proper decryption key, ensuring that even if a breach occurs, the stolen data remains secure.

An example of a phishing attack occurred in 2016 when hackers successfully infiltrated the Democratic National Committee (DNC) by sending fraudulent emails to staff members. The emails seemed to be from Google, warning recipients of security issues and prompting them to reset their passwords. Once the victims entered their credentials into a fake login page, hackers were able to gain access to the DNC’s email system, leading to a major data breach that exposed confidential information.

Benefits & Risks of Computing Innovations 🍰

Computing innovations have transformed almost every aspect of society, providing significant benefits while also introducing new risks. One major benefit is increased efficiency and accessibility in various fields, such as healthcare, education, and communication. For example, artificial intelligence in medicine assists doctors by detecting diseases earlier and recommending treatments personalized to the patient, this improves patient outcomes. Additionally, digital platforms like Zoom and Google Classroom have expanded remote learning opportunities, making education more accessible worldwide. However, these advancements also bring risks, including data privacy concerns and cybersecurity threats. As more personal and sensitive data is stored online, the risk of hacking and identity theft increases.

One example of both the benefits and risks of computing innovations is social media. Platforms like Facebook, Twitter, and Instagram have changed the way society communicates, allowing people to connect across the globe instantly. However, these same platforms have also contributed to issues such as misinformation, cyberbullying, and privacy violations. The 2018 Cambridge Analytica scandal shows how social media data could be misused for political manipulation, raising questions about data security and ethical responsibilities of tech companies. This case demonstrates how innovations designed to better communication and social interaction can have unintended consequences that affect politics and personal privacy.

Another example is facial recognition technology, which has been integrated into security systems, law enforcement, and even personal devices like iPhones. While this technology improves security and convenience, it also raises concerns about surveillance. Studies have shown that some facial recognition algorithms have higher error rates for people of color, leading to potential discrimination in law enforcement applications. This highlights the ethical challenges of implementing AI-driven technologies and the need for careful regulation to ensure fairness and accountability.

Sources🌸

🍰Privacy Risks: Syteca, DigitalGaurdian, OpSwat, EndPointProtector

🍰Misuse & Protection: CISA, Avasant(blog 1), Avasant(blog 2)

🍰Unauthroized Access: NebrCentre, Strongdm, Wikipedia

🍰Benefits & Risks: BBC, Technology Review, Ihf-Fih