Over the past 12 months, there have been a number of security flaws affecting a wide range of tech applications and software, the most notable of which was Sony’s meltdown, when hackers claimed to have stolen up to 2.2 million credit card numbers from the PlayStation network’s roughly 70 million users.
Snapchat is the latest app to fall victim to such a security breach. For those unfamiliar with Snapchat, the app allows users to share photos with friends that instantly disappear after 1-10 seconds.
As a result of this breach, Snapchat hackers have reportedly collected the usernames and phone numbers of around 4.6 million people, having exposed a security flaw in the ‘Find Friends’ feature which was apparently at the heart of the breach. The principal technologist of the American Civil Liberties Union, Christopher Soghoian, has revealed what, according to Soghoian, is an even more disturbing problem in that they have demonstrated a cavalier attitude towards privacy and security as a result of reports that security experts had warned the company about a vulnerability in its system on at least two separate occasions.
We should be concerned about the precedent that these security flaws seem to set for not only existing software but also future products and updates as well. What can we do to make sure that our sensitive information will not be hacked, sold, and distributed online?
According to Gartner security analyst Avivah Litan, phone numbers are not considered “sensitive” personally identifiable information like credit card numbers or social security numbers, so all kinds of companies collect them to verify a person’s identity.
She said a phone number is not as bad as a password or magnetic strip, but it is the piece of information criminals need to impersonate someone.
It has been reported in a recent report by Forrester Research that mobile security risks are moving from networks to apps in the same way that security and risk professionals used to target networks and devices first before moving on to apps in the traditional computing space.
According to Forrester Research, there are three reasons why security should be shifted to apps and why this should be done:
- To access private and strategic corporate data, employees use personal devices at work, home, and on the road.
- Keeping up with the rapid pace of device expansion is difficult for security and risk personnel because mobile apps are updated more frequently than traditional PC applications.
- Mobile networks, devices, and operating systems are beyond the control of security and risk professionals. There is no correlation between operating system vulnerabilities and the number of threats against them, according to Forrester, citing Symantec’s Internet Security Threat Report 2013. It is therefore the top layer of the security stack that presents the biggest risk to mobile users.
According to the hackers, this latest hack has no malicious intent; in an email to website TechCrunch, they stated: “Our motivation was to raise public awareness about this issue”.
As technology enthusiasts, we’re all aware of the risks the internet poses in exposing sensitive information; but consumers are becoming increasingly concerned about the security levels of start-ups and established brands alike, as well as what personal information should be posted where and how.
In the wake of the ever-growing attention paid to security concerns, we may see an increase in efforts to prevent hackers from repeating the same mistake in the future, but for CEO Evan Spiegel and Co., is that too little, too late? Will Snapchat users be able to forget this latest lapse entirely in true Snapchat fashion?
New software is increasingly vulnerable to security flaws. When will it affect you?
Also read: Asus 2-in1
