Editorial: You have not been hacked. Have you?
Whether you are just wondering about the safety of your email or the security of your bank account or whether shady overseas operatives are conspiring to manipulate the stock market or election results, our digital devices and information do seem under round-the-clock attack.
The hand that robs the password is the new hand that rules the world.
You can see that right now on Facebook, which announced Sept. 28 a data breach that affected 50 million accounts and may have left 40 million others vulnerable.
For context? That’s just a touch more than the total population of Pennsylvania -- plus New York, Ohio, Indiana, Illinois, New Jersey, Virginia, West Virginia, Maryland and Washington, D.C.
That breach is probably part of why your social media feed right now is positively choking on messages about hacking.
“Your account has been hacked!” “Hi, I actually got another friend request from you yesterday, which I ignored so you may want to check your account.”
And then there is the flip side, the people who just want you to know that those previous messages, well, they don’t really mean anything.
“It’s a scam!” “It’s a hoax!” “People, please, your accounts were not hacked or cloned.”
Okay, yes, the rash of hacking is apparently a hoax. But whether people are falling for the fear and sending out the dire warnings or succumbing to frustration at their less tech-savvy friends and posting “how can people fall for this?” rebukes, both are doing the same thing: spackling Facebook’s walls with messages about something that’s not real.
It’s a computer virus. It’s just not the kind you can get software to fix. And it pulls attention from something that is real. Remember those 90 million vulnerable accounts? How many people actually followed Facebook’s advice after the company put up a message on pages that confessed to the breach? How many changed their passwords or followed up on the issue when more information was released last week?
Probably not as many as have done the much quicker flustered wall posts or even easier share of someone else’s post.
The problem is that we want security, but we are so much more concerned with simplicity. That’s why election security is so alarming. Federal officials are aware of previous threats.
“We do not need to wait for another interference attempt to know the threat is real and evolving,” said Department of Homeland Security Secretary Kirstjen Nielsen in a statement last month.
Pennsylvania agrees. A week after Nielsen’s statement, the Blue Ribbon Commission on Pennsylvania’s Election Security was releasing recommendations.
“The vast majority of Pennsylvania’s voting machines are vulnerable to electronic manipulation and have no paper back-ups to ensure the integrity of elections,” said member David Hickton, former U.S. attorney and founder of Pitt’s Institute of Cyber Law, Policy and Security.
Allegheny County estimates it could cost $25 million to do that. Westmoreland’s would be about $7 million.
It’s high, but so are the stakes. With two years until the next presidential election, do we want security, or are we willing to just accept simplicity?