eResearch | The growth and change in how digital information is managed has become of significant importance to businesses as (1) enterprise targeting viruses increase in number and (2) online companies get scrutinized for how they collect and use data. In 2019, the FBI reported US$3.5 billion of costs to businesses due to cybercriminals.
As new technology such as voice assistance and facial recognition become mainstream and companies evolve digitally through the use of cloud infrastructure, the need for cybersecurity has become a necessity to all companies big and small.
Below are recent data privacy problems faced by both public and private sectors:
Siri and Google Hacked
Researchers from a US-Chinese university developed a test called the SurfingAttack, which attempts to hack into smartphone voice assistant security by sending ultrasonic sound waves to mimic the voice command used to trigger a response from applications such as Siri, Google Assistant, and Bixby.
The researchers demonstrated how unwanted infiltrators could use this kind of ultrasound technology to enter phones and read back messages or make phone calls by disrupting the sound waves that voice assistant applications use.
Although the distance for the sound wave hack is limited to 17 inches, the test successfully hacked Siri and Google Assistant, who were among the 15/17 different voice assistants the researchers successfully got into. Once SurfingAttack was deployed, the researchers were able to unlock devices, take selfies, make phone calls, and read back text messages using ultrasound technology.
Police Use Facial Recognition Software
The Ontario Provincial Police, the Royal Canadian Mounted Police, and the Toronto Police have all revealed the use of facial recognition software developed by Clearview AI, an American technology company.
Clearvew AI collects billions of photos from social media platforms such as Facebook and YouTube to create a database for facial recognition analysis. The software is used by more than 600 law enforcement agencies, but its method of retrieving and managing data has been scrutinized due to the lack of transparency and the breadth of information the platform has without permission.
Clearview AI had a free online trial version of its product last year, which was used by police units to aid investigations on child sexual exploitation, human trafficking, cybercrime, and digital forensics, but the free version was discontinued shortly after.
Manufacturing Partner of SpaceX and Tesla Hacked
Visser Precision, a contractor for Elon Musk’s companies, SpaceX and Tesla, was hit by a cybersecurity attack called DoppelPaymer, a malware, which has recently hacked Allied Universal and released stolen files to the public after not receiving a US$2.3 million ransom fee.
Visser confirmed the breach after non-disclosure files including companies SpaceX and Tesla were released to the public through the infiltrators newly launched website called Dopple Leaks.
Last year, the DoppelPaymer virus started targeting companies asking for ransoms starting from US$25,000 to the highest so far of US$5 million, which was asked of Mexican oil company Pemex, who was forced to shut down all computers, freezing emails and payment systems.
FaceApp Scrutinized for Collecting Photos
Wireless Lab, a Russian technology company, developed a viral mobile application called FaceApp, which built massive popularity through celebrity and influencer usage. However the app has brought serious concerns for user data due to a vague privacy policy with many holes.
FaceApp uses artificial technology to transform a user’s self-portrait photo to show what they would look like after they have aged decades into the future, but for the application to work, users must give access to data on their phones including photos, location data, search data, and browsing history.
FaceApp has been taking user data that is not needed for its core operations, which it could potentially sell to third-party marketing companies, as its policy states that it can store and process all information in any country where FaceApp operates.
We are living in an age where a vast amount of personal data is now accessible and the erosion of security enables the exploitation of personal data. An individual’s privacy should be a fundamental right in the modern digital world.
//
