Thursday, May 29, 2014

eBay and the Password Thief

By now many, if not all, active eBay users have heard that eBay's master database of encrypted passwords has been "compromised", or in other words accessed by people with questionable intentions. However, let's get real here: the Internet is the Wild West of the modern world we live in. It's a mecca of illegal activity, so much so that not having a trusted and responsible computer security partner is as bad an idea as the President of the United States walking around without his security detail.

Big corporations like eBay are not exempt. Being as high profile as they are, they are frequent targets of all kinds of attacks, including DDoS attacks and unauthorized access to sensitive areas. The sole purpose of these attacks is often financial gain, and in some cases, as we have seen with the Stuxnet virus, an act of cyberwar initiated by a government.

To recap a bit about this eBay dilemma and report on the latest press releases: eBay management and its subsidiary PayPal are aggressively asking all members and end users to change their passwords. I have already done so, and if you have an eBay account or PayPal account you should consider doing so as well.

The consequences of this data breach are certainly moot, and the extent to which these cyber-criminals can crack the database to get past eBay's encryption is certainly a question worth asking. However, eBay has assured all its customers that it is aggressively pursuing and investigating this cyber crime and intends to prosecute the culprits (if found) to the fullest extent of the law once they are identified.

In the meantime, we can expect additional verification questions on our accounts to slow us all down. Some of the methods deployed are the infamous CAPTCHA, that hard-to-read text that we as humans can discern but OCR devices cannot. eBay is also asking for confirmations via cell phone texts, and I have even seen some companies ask a series of challenge questions prior to a password reset request.

Therefore it's safe to conclude that, as despicable and sad as this data breach was, it's not the big picture, nor a complete disaster for the end user. As we have evolved in the IT world, we have continued to develop ways to deter and dissuade cyber attackers from gaining unauthorized access to our accounts. The age of a young kid guessing a simple password to a national defense computer, like in the movie WarGames, is bygone, a historical reference point for how far we have come in securing end users today.

The next big challenge is getting users to remember their ever-growing list of passwords, which now include special characters, numbers, caps and the like. Some have speculated that this is the precursor to the Real ID and eventually to password-free systems accessed either biometrically or by way of an RFID chip implanted in the end user. What do you all think of this?
