Cybercriminals were once shrouded in mystery. They were faceless non-entities lurking in the murky environs of the darkest corners of the cyber underworld, carrying out carefully planned phishing attacks and unleashing herds of Trojan horses into PCs.
While phishing and hacking remains a lucrative pastime for many of the worldwide web's underlords, it seems that harvesting is quickly becoming the new buzzword on the cybersecurity block and cybercriminals are cutting a more corporate appearance.
In the wake of the latest tidal wave of data privacy breaches that have swept the globe is the revelation that they were carried out by well-known organisations that we have trusted and obligingly populated with our most private and sensitive information, preferences, and beliefs. But more alarming has been the unwitting participation of millions of social media users in a worldwide data-gathering experiment at the hands of companies that would make Orwell's dystopian state of Oceania look vaguely tolerable.
How ironic then that the premise behind Cambridge Analytica's audacious breach of millions of personal Facebook profiles was how it classified voters and targeted them by using the OCEAN technique - Openness, Conscientiousness, Extroversion, Agreeableness, and Neuroticism.
One of the long-held arguments from the anti-social media movement - or maybe just those who would rather not bandy about their life stories online - is ‘what do you expect if you publicly post your personal updates on a platform the whole world can see?' Of course, we have always known Big Brother was watching in some format or another, be it CCTV outside the local supermarket or the tracking and mapping of our daily debit card usage.
It seems in the modern world, where nearly a half of the global population owns a personal smartphone - a device that can rather disconcertingly and almost inexplicably predict our very whereabouts with the flicker of a traffic update to our proposed destination - none of us is truly immune to having our personal information scrutinised and scavenged by data-hungry corporate beasts.
Even if we aren't fully active on social media ourselves, it seems that if our immediate connections are then it could make us fair game for having our information tapped into, downloaded, and used without our permission. In the case of Cambridge Analytica it appears that the masses of data it gathered were neither permissible nor ethical and was used to socially engineer and ultimately influence millions.
Meanwhile, Facebook failed to protect its users by allowing the company to collect the data. So what can be done to preserve our privacy amid the unending stream of information that we have managed, either willingly or involuntarily, to post on the internet?
The introduction of the European General Data Protection Regulation (GDPR) in May will bring into force tougher and more stringent rules on the handling and storage of personal data. Initially Facebook indicated that the majority of its users will not be protected by GDPR, but Mark Zuckerberg quickly followed this up with an announcement that he intended for Facebook to make the same controls available everywhere, not just in Europe.
But will adjusting our settings be enough and will the company be globally implementing GDPR's more pertinent rules for consent, data control and the right to know how our data is being used? Facebook says yes and although rules outside Europe could cause conflict, it intends for GDPR to apply to everyone.
Meanwhile, the Information Commissioner's Office - the British government's privacy watchdog - has opened an inquiry into Cambridge Analytica and its use of data, following allegations about its ties with the Leave.EU campaign and whether it, and similar companies, are a risk to voters' rights.
Utilising personal data and associated algorithms to specifically target an individual is not a new concept and is perhaps one of the main reasons why Facebook has enjoyed such unrivalled success - it made $26.9bn dollars from direct advertising in 2016.
However, the unethical harvesting of millions of accounts to launch a series of politically charged snipers into the datasphere that hunted down specific personas to manipulate them is not only morally dubious but potentially dangerous. And while the companies should be held accountable, what if they themselves became the subject of a cyberattack? Imagine how invaluable such data could be in the wrong hands, and the endless opportunities for moulding and controlling global events.
Perhaps the most sinister and worrying thing about unauthorised data harvesting is the potential it has for manipulating outcomes through a method that could be considered systematic brainwashing. It's this that could negatively affect the whole of humankind and cause catastrophic world-changing events. With this in mind, we should all be thinking more carefully than ever before about how we store our data and how we share information with each other.
Daren Oliver is managing director of Fitzrovia IT
Reports claim IT services firm has been infected with Ryuk ransomware
Security vendor valued at just under $8bn
Security vendor set to go public for the first time since 2010, when it was acquired by Intel
Government minister distances himself from latest advert in Cyber First campaign
Webroot’s senior product officer says that while ‘anomalies’ persist between the OpenText-Webroot-Carbonite programs, all partners will soon have access to a single admin console
One of Arrow's subsidiaries has appeared in a draft document of firms facing scrutiny by the US government
The French telecoms giant has issued a statement rejecting rumours a bid to takeover fellow French player, Atos, was in the works
'There will be a shift in cybersecurity spending rather than a slowdown' - Exclusive Networks UK boss
Distributor’s UK boss opens up to CRN on acquiring companies to build out its services skillset and why he is optimistic for double-digit growth next year