Data harvesting - the new face of cybercrime?

clock • 4 min read

Fitzrovia IT's Daren Oliver offers his opinion on the recent data breaches experienced by subscribers to social media and examines how data harvesting could be considered the new face of cybercrime

Cybercriminals were once shrouded in mystery. They were faceless non-entities lurking in the murky environs of the darkest corners of the cyber underworld, carrying out carefully planned phishing attacks and unleashing herds of Trojan horses into PCs.

While phishing and hacking remains a lucrative pastime for many of the worldwide web's underlords, it seems that harvesting is quickly becoming the new buzzword on the cybersecurity block and cybercriminals are cutting a more corporate appearance.

In the wake of the latest tidal wave of data privacy breaches that have swept the globe is the revelation that they were carried out by well-known organisations that we have trusted and obligingly populated with our most private and sensitive information, preferences, and beliefs. But more alarming has been the unwitting participation of millions of social media users in a worldwide data-gathering experiment at the hands of companies that would make Orwell's dystopian state of Oceania look vaguely tolerable.

How ironic then that the premise behind Cambridge Analytica's audacious breach of millions of personal Facebook profiles was how it classified voters and targeted them by using the OCEAN technique - Openness, Conscientiousness, Extroversion, Agreeableness, and Neuroticism.

One of the long-held arguments from the anti-social media movement - or maybe just those who would rather not bandy about their life stories online - is ‘what do you expect if you publicly post your personal updates on a platform the whole world can see?' Of course, we have always known Big Brother was watching in some format or another, be it CCTV outside the local supermarket or the tracking and mapping of our daily debit card usage.

It seems in the modern world, where nearly a half of the global population owns a personal smartphone - a device that can rather disconcertingly and almost inexplicably predict our very whereabouts with the flicker of a traffic update to our proposed destination - none of us is truly immune to having our personal information scrutinised and scavenged by data-hungry corporate beasts.

Even if we aren't fully active on social media ourselves, it seems that if our immediate connections are then it could make us fair game for having our information tapped into, downloaded, and used without our permission. In the case of Cambridge Analytica it appears that the masses of data it gathered were neither permissible nor ethical and was used to socially engineer and ultimately influence millions.

Meanwhile, Facebook failed to protect its users by allowing the company to collect the data. So what can be done to preserve our privacy amid the unending stream of information that we have managed, either willingly or involuntarily, to post on the internet?

The introduction of the European General Data Protection Regulation (GDPR) in May will bring into force tougher and more stringent rules on the handling and storage of personal data. Initially Facebook indicated that the majority of its users will not be protected by GDPR, but Mark Zuckerberg quickly followed this up with an announcement that he intended for Facebook to make the same controls available everywhere, not just in Europe.

But will adjusting our settings be enough and will the company be globally implementing GDPR's more pertinent rules for consent, data control and the right to know how our data is being used? Facebook says yes and although rules outside Europe could cause conflict, it intends for GDPR to apply to everyone.

Meanwhile, the Information Commissioner's Office - the British government's privacy watchdog - has opened an inquiry into Cambridge Analytica and its use of data, following allegations about its ties with the Leave.EU campaign and whether it, and similar companies, are a risk to voters' rights.

Utilising personal data and associated algorithms to specifically target an individual is not a new concept and is perhaps one of the main reasons why Facebook has enjoyed such unrivalled success - it made $26.9bn dollars from direct advertising in 2016.

However, the unethical harvesting of millions of accounts to launch a series of politically charged snipers into the datasphere that hunted down specific personas to manipulate them is not only morally dubious but potentially dangerous. And while the companies should be held accountable, what if they themselves became the subject of a cyberattack? Imagine how invaluable such data could be in the wrong hands, and the endless opportunities for moulding and controlling global events.

Perhaps the most sinister and worrying thing about unauthorised data harvesting is the potential it has for manipulating outcomes through a method that could be considered systematic brainwashing. It's this that could negatively affect the whole of humankind and cause catastrophic world-changing events. With this in mind, we should all be thinking more carefully than ever before about how we store our data and how we share information with each other. 

Daren Oliver is managing director of Fitzrovia IT

You may also like
Performanta unveils new Microsoft Copilot integration with its Safe XDR platform

Services and Outsourcing

The MSSP revealed the platform at its inaugural Cyber Safety Summit yesterday to a room packed with CISOs

clock 22 March 2024 • 3 min read
XChange UK day two: Cyber, M&A strategy and tackling the skills shortage

Reseller

CRN brings you all the highlights from day two of XChange UK

clock 08 March 2024 • 12 min read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Security

'Cyber has to become seamless, unnoticed and taken for granted' - XChange UK day one, part two

'Cyber has to become seamless, unnoticed and taken for granted' - XChange UK day one, part two

Delegates looked a decade into the future of cybersecurity and heard how generate value from generative AI

Kelsey Rees
clock 07 March 2024 • 8 min read
Six cybersecurity trends for 2024

Six cybersecurity trends for 2024

Gartner lists six ways the cybersecurity market will be influenced and impacted this year

Kelsey Rees
clock 22 February 2024 • 3 min read
Cybersecurity incident response: Your company's ICU

Cybersecurity incident response: Your company's ICU

Performanta CEO Guy Golan explains why incident response is the beating heart of a cybersecurity service

Guy Golan
clock 22 September 2023 • 4 min read

Highlights

Staff & Salaries 2022

Staff & Salaries 2022

A snapshot of pay and headcount trends in the UK channel

Doug Woodburn
clock 09 March 2022 • 1 min read
Midwich CEO on Nimans acquisition, 2021 results and return to pre-pandemic levels

Midwich CEO on Nimans acquisition, 2021 results and return to pre-pandemic levels

Stephen Fenby talks to CRN after Midwich’s 2021 results in which profitability exceeded pre-pandemic levels

Josh Budd
clock 08 March 2022 • 3 min read
4 more vendors suspend sales in Russia following Ukraine invasion

4 more vendors suspend sales in Russia following Ukraine invasion

IBM and Microsoft are among a number of vendors which have also announced that they will halt sales in Russia following the invasion of Ukraine.

clock 08 March 2022 • 3 min read