The news story that I had chosen to describe for unit was a Global Research article that described how a group of individuals gained access to the CIA director’s personal e-mail account through social engineering.  What was particularly interesting to me about this story was the minimal amount of technical savvy required to break into the account, which highlights how vulnerable all of us are to social engineering attacks. While the director’s poor practices in sending sensitive documents to his personal e-mail were what drew attention to the whole hacking activity, it does not appear that he had poor security practices with regards to securing access to his account. While there is no explicit legislation discouraging social engineering techniques, the spirit of the legal system in a Western nation discourages deception and false representation. That being said, I do not believe we can legislate away a determined hacker, as identifying actors in this domain can be relatively complex when one can hide behind multiple proxy servers.

One of the articles discussed by a fellow student was one that reported on the Talk Talk hack in the UK, which compromised bank account details of the telecommunications company. Identity theft costs individuals and businesses a significant amount of money but there does not seem to be much protection against it other than taking precautions. While individuals can do their best to safeguard their personal information, what recourse does one have when their data is stolen off of the servers of a company that they deal with? Companies already demand a huge amount of trust from their customers. With how vulnerable personal information is in their hands, the ask becomes significantly larger, particularly as instances of data spillage and theft become all the more prominent.

References:

Kampmark, B. (2015). Hacking the CIA Director: What John Brennan’s emails reveal. Global Research. Retrieved from http://www.globalresearch.ca/hacking-the-cia-director-what-john-brennans-emails-reveal/5484186

Royal Canadian Mounted Police. (2013, October 01). Identity Theft and Identity Fraud . Retrieved from Royal Canadian Mounted Police: http://www.rcmp-grc.gc.ca/scams-fraudes/id-theft-vol-eng.htm

The Federal Bureau of Investigation. (n.d.). Identity Theft. Retrieved November 08, 2015, from The Federal Bureau of Investigation: https://www.fbi.gov/about-us/investigate/cyber/identity_theft

Yew , M. A.-T. (2014). Identity theft on the rise, security experts say. Toronto, ON: Toronto Star Newspapers Ltd. Retrieved from http://m.thestar.com/#/article/business/tech_news/2014/04/15/identity_theft_on_the_rise_security_experts_say.html