Wednesday, December 28, 2011

Hacking Happens

Information security suggests that you can actually protect your information crown jewels. I am not a security expert, but I do know one thing for certain about security. No matter how much you seek to protect information, and how much money and vigilance you throw at the problem, that still bad guys can and will get to your data nugget if they want to bad enough.

I usually determine how important some business event is to the US or world economy based upon its location in the Wall Street Journal. An imprecise science no doubt, but useful nonetheless to ascertain what matters to our economy. So, when I recently read about the US Chamber of Congress getting hacked by the Chinese, I took note that it was the first article on the front page and took up more space on page 4 of the first section. So what, hacking happen every day, all day long. But this one was special because the Chinese hackers grabbed US policy toward China and allowed the bad guys to watch the policy wonks inside the Chamber for over a year, says the FBI. The attack was sophisticated and as a result was undetected by the Chamber until the FBI told them of it recently.

Not only did the Chinese hackers have access to policy documents, email accounts, and all sorts of important information, but they also may have gotten access to Chamber members company email accounts and messages. The hackers even hacked a thermostat at a condo owned by the Chamber and a Chamber printer now inexplicably prints Chinese characters on documents.

Yikes! I was invited to China by a wonderful academic and met with several of her students a short while ago in Beijing. After communicating with the various Chinese students to work out logistics, inexplicably my computer started to change content from English to Chinese characters. If that wasn’t bad enough, the translated characters, were actually “dirty” words usually of a sexual nature. I retired the computer early to protect our reputation but wonder, why bother with my boring email. If someone cares about my stuff they must care about lots of stuff which we don’t think is important. If we don’t think it’s important, I bet we aren’t so vigilant about protecting it. If that’s true, I bet we get lots of stuff hacked that we don’t even know about. Heck even our vigilant folks get exposed.

Are you kidding me.