Tag Archives: hackers

NHS cyber attack shows perils of not holding our own personal data

The global cyber attack that hit huge corporations worldwide and paralysed much of the UK’s National Health Service showed one thing above all – how easily centralised siloes of data can be rendered obselete.

The Wanna Decryptor ransomware attack, which is believed to have affected more than 200,000 systems in over 100 countries, making it the biggest in history, locked computers and systems before holding files hostage until a ransom was paid.

This had a massive impact on hospital trusts across the UK, which were unable to access patient data for treatment, meaning they were forced to send patients away and cancel appointments.

This was far from an attack aimed at the NHS, as some initially feared – but it did show its vulnerabilities – and not just in using older Microsoft computers that hadn’t been patched to cover known security issues.

Rather, it emphasised the loss of control that we all have over our personal data, when instead of having a copy ourselves, it is held in giant siloes controlled by others. And, which may or not be significant in this case, tend to prove to be very attractive honeypot targets for hackers because of the wealth of data they contain.

If we each had a copy of our own health data, the impact on the NHS would have been minimised dramatically. Anyone turning up for treatment or an appointment could have shown the relevant diagnostic and prescription history from within their digi.me app, presumably enabling further action to go ahead instead of mass cancellations.

And this is not just talk of a brave new world – it’s on the cusp of reality, with both a new version of our app and an exciting project demoing just this experience due to be announced within weeks.

The world will never be free of those who want to disrupt, harm and make money through nefarious means. But if we have control over our own data, through the principles of the Internet of Me, we take away a great deal of their power – certainly in their capacity to bring chaos to our lives.

Researcher Nets $12.5k Reward For Discovering Facebook Photo Deletion Bug

This week a white hat hacker collected a reward from Facebook’s bug bounty program – and a tidy $12,500 it was too – for discovering a bug that would let hackers delete any photo from Facebook. The mechanics of this bug involved changing a few parameters in a URL related to Facebook’s support dashboard, and reporting a photo for deletion to Facebook.

You can read more about how this particular bug was exploited on Arul Kumar’s blog (the white hat who reported the flaw), but the gist of it is that by changing a pair of numbers in the link’s URL, Kumar said he could take down any Facebook photo, from any user — regardless of who that photo actually belonged to, and whether or not that photo had ever actually been reported.

Facebook has now fixed the flaw, but this should serve as a reminder that the information we post and store on social networks is only as safe as the networks themselves choose to make it, and there are people out there who will try to wreak havoc in our digital lives. This is yet another example of how vulnerable our data can be, and that keeping a local copy of your social content is the only way to really take control of your data.

One such way is to use SocialSafe to download your social content to your own machine, giving you a local copy of all your photos, comments, messages, posts and memories. Find anything you’ve ever said, safe in the confidence that whatever misfortune may befall the original copies on the host networks, you’ve still got access to your whole story, whenever you want it.