Technology Focus: Cybertools Provide Little Immunity

They were apparently sharing information about the Russian test via text-messaging on their mobile phones.

Consider: A group called D33DS Co. hacked into an older file database maintained by Yahoo (Nasdaq: YHOO), the No. 3 search engine and got away with as many as 453,000 names and passwords of e-mail accounts.

Yahoo takes security very seriously, the Sunnyvale, Calif., company had to acknowledge Thursday, during its annual meeting.

Consider: the number of cyberattacks in the U.S. rose 44 percent in 2011 from 2010, said Gen. Keith Alexander, director of the U.S. National Security Agency. U.S. companies lose $250 billion a year via electronic attacks in what Alexander called the greatest transfer of wealth in history. A New York Times investigation found the U.S. Food and Drug Administration spied on scientist e-mails so as to catch whistleblowers and avoid potential embarassment.

Take all these examples together and there's really nothing new: there's been cheating in schools forever. Intruders have stolen keys, personal office files and papers. In the old days, employees leaving a company might exit with lists of customers, their accounts and specifics. 

What's new is the unprecedented speed, versatility and sheer danger presented by electronics, computing and the unwitting trust we may now have in the cloud, essentially that place where the Internet is, if not the series of tubes in the immortal words of the late Sen. Ted Stevens (R-Alaska).

But current tools and potential far outstrip what we used to have, accelerating dangers more than required to create mayhem, a potential assault on civil liberties and a scenario far worse than envisioned for the dread Y2k of Jan 1, 2001.

There are different sets of bad guys in the new model.

Aside from the hackers and teenage thrill-seekers, the government itself is a willing player. Under the USA Patriot Act, government agencies of all sorts were handed unprecedented snooping power. That's why the FDA could acquire snooping software so cheaply.

Now, the biggest mobile phone providers headed by AT&T Inc. (NYSE: T), the No. 1 telecommunications carrier and the Verizon Wireless unit of Verizon Communications (NYSE: VZ), the No. 2 U.S. carrier, have acknowledged to Congress they received more than 1.3 million requests from these agencies last year for subscriber data.

I never expected it to be this massive, said Rep. Edward Markey (D-Mass.), who requested the information. In the first quarter, there were about 260 million mobile accounts, only about 50 million below the entire U.S. population.

Technology has made all this possible, especially with the explosion in Internet technologies and commoditization of electronic products. Noted security expert C. Warren Axelrod points out that nothing beats the human element - U.S. Army Pvt. Bradley Manning who handed over millions of government files to Wikileaks or the user of mail from Yahoo, Google or Verizon who doesn't change passwords for five years.

The same electronics and network capabilities that can allow a doctor to monitor a heart patient 1,000 miles away also presents unprecedented potential for abuse. The consumer who's posted professional background on LinkedIn (NYSE: LNKD) may not be aware that 6.5 million passwords were hacked and posted last month by Russian hackers. The site claims 161 million members.

Don't even think about Facebook (Nasdaq: FB), the No. 1 social networking site, which reported 901 million members on March 31. Their personal data plus the materials posted by companies performing e-commerce on the site present staggering targets to intruders.

Whenever you do a thing, act is if all the world were watching, said Thomas Jefferson, principal author of the Declaration of Independence 25 years before he became President.

That 18th century genius is still right after all these years.