Rapid technological advancement has shaped the quality of human life over the last fifty years. From travelling to the moon to the rise of cell phones to medical advancement, technology has allowed modern man to go further, connect more and live longer and healthier than ever before. However, this massive cultural dependence on technology has put just as much at risk if not more than it has advanced or improved. The major (and myriad) information security breaches of the 21st century have shown us that the Achilles heel in our national security and financial structures may be the very thing that propels us forward: our technology systems. Here are three of the top high profile information security breaches in the 21st century, what they tell us about our technological weaknesses, and why individuals who receive their MS in Information Security are key defenders of civilization at the next great frontier.
1. WikiLeaks Security Breach
One of the most well-known security breaches of the 21st century was the 2010 transfer of classified documents allegedly by Army Private Bradley Manning to the website Wikileaks. It is suspected that Private Manning accessed a secure database in his army base near Baghdad via computer systems that were supposed to transmit classified information back to the United States. He was arrested when one of his colleagues told the FBI Manning had confessed to stealing the data.
Over the course of several months, Private Manning provided the website, founded by Australian political activist Julian Assange, almost 100,000 classified military and diplomatic documents. Assange and his team began publishing the documents on Wikileaks beginning in February 2010; their first published document was a diplomatic cable from the United States Embassy in Reykjavik that addressed the bankrupting of Landsbanki, a private Icelandic bank. Other leaked documents included US Department of Defense analysis reports, military videos and other documents related to the wars in Afghanistan and Iraq that describe incidents of friendly fire, waste and the civilian cost of war.
In July 2010, Wikileaks established what they referred to as an insurance policy, where almost 20,000 of the most damaging documents they received in the security breach would go live should anything happen to the Wikileaks website or its founder, Mr. Assange. Private Manning is currently awaiting trial for the incident.
The 2010 Wikileaks security breach led to another security breach later in the year that included almost a half a billion pages of military action during the Iraq War. The Leak of the Iraq War Logs is the largest leak of classified documents in history.
This security breach represented a difficult to control and monitor aspect of maintaining information security: internal human error. Whether deliberate or accidental, individuals inside an organization who have access to sensitive information are a major issue in maintaining complete security.
2. Iranian Nuclear Development Security Breach
In addition to the release of military secrets, security breaches have also been linked in recent years to cyber warfare. An incomparable example of this is the Stuxnet virus attack of 2010.
The Stuxnet virus was discovered in June 2010 as an aggressive computer virus that was created to stop development of Iran's Nuclear Power program by breaching its information systems and destroy key codes; after its release, 5 countries reported viral infections in addition to Iran, including Indonesia, India, Pakistan and Azerbaijan. The virus was designed to spread through Microsoft Windows operating systems and specifically targets Siemens industrial software.
It was discovered that the virus was developed by American and Israeli intelligence officials to try and slow Iran's nuclear development. The program, which had started development in the earlier part of the 21st century, has received the support of both President George W. Bush and President Barack Obama as a strategy to hinder the nuclear arming of the Iranian government.
Stuxnet is a clear example of the next great threat to national security: cyber warfare. The digitalization of basically every aspect of national security elements, including military personnel files, launch code sequences and prison structures, have also created a new battleground for international disputes. Going forward, it is likely there will be an increasing presence of individuals with information security degrees in military organizations for just this reason.
3. Sony PlayStation Security Breach
When it comes to security breaches, not even innocent diversions like video games are safe, as was proven in the 2011 Sony PlayStation security breach.
In April 2011, an unknown hacker infiltrated more than 77 million Sony PlayStation Network user accounts. The accessed data included names, home addresses, emails, birth dates and passwords. Additionally, over 12 million credit card numbers were illegally accessed.
As Sony tried to understand the extent and method of the breach, they shut down their online networks. Initially Sony indicated that the networks would be brought online again within a few days, however they were down for a month. The company has since released software to try and correct the problem.
This incident represented the impact a security breach can have on individuals, both in terms of the breach itself and how the breach is handled and controlled. Sony received a lot of criticism from customers as well as analysts for waiting over a week to go public with their knowledge of the breach, leaving many feeling frustrated they were unable to act to tighten their personal security immediately.
Whether the security breach occurs at the individual, organizational or national level, there is no doubt that as society continues to digitize all aspects of life the threats will grow, both in number and severity. But hopefully by examining the kinds of breaches that have been perpetrated, individuals in the information security field can create a safer technological tomorrow.
Business demand for specialized knowledge in a growing digital world will continue to expand as new technology security concerns arise. Lewis University’s online M.S. in Computer Science with a concentration in Cyber Security teaches students how to identify cyber threats, design combative software systems against an attack and investigate the aftermath using digital forensics tools. To learn more about the master’s degree call (866) 967-7046 to speak with a Graduate Admissions Counselor or request for more information.