What appeared to be one of the largest breaches of federal employees’ data involving at least four million government workers was no surprise to Arun Vishwanath, University at Buffalo associate professor of communication.
Not only was it no surprise, but Vishwanath, who studies online security and cyberbehavior, expects larger hacks to keep happening. And even worse, he said, there is no way to stop them right now.
“This breach isn’t even the tip of the iceberg,” he said. “If you just count the number of people whose data has been compromised within the last year, it is over 350 million people. That is a staggering number. It’s a sobering realization and they are virtually impossible to prevent.”
These massive hacks almost always start with a simple email where malware is hidden behind hyperlinks and attachments. The moment one opens that link or attachment, the hackers are in, Vishwanath said.
That method is the reason why there is virtually no fix – it is largely a people problem, not a technology-based problem, he said.
“We cannot fix this with technology alone, it is people who are letting these guys in,” he said. “Everyone is looking for that silver bullet tech fix because then it would be easy to solve, but that doesn’t exist. There’s a minefield of people problems and that’s what makes this so difficult to solve.”
For starters, people must be better trained at spotting suspicious emails and then there must be systems in place for how to report those emails and what to do with them, Vishwanath said.
But as long as more and more information is stored online, hacks will continue to get larger and larger, he said, and not only in terms of numbers, but in terms of who is targeted.
“Next could be a cyber-physical system like the electricity grid,” Vishwanath said. “With all the information that is stored online and the ease with which it is to get that information, I could see people shutting down the electrical grid. We know this is very close to happening and that could create a lot of damage.”