June 24, 2015
How the Sony Hack Should Affect You
by Adam Levin
Rather than email or text, you should consider picking up the phone or walking down the hall to talk to colleagues -- that, or use smoke signals.
In the past two years have revealed anything, it’s that every conceivable mode of communication comes with its share of serious privacy and security issues. Email can be hijacked, mail servers can be breached and malware can turn your smartphone into a peepshow. Wikileaks revealed that even our phone conversations are at risk.
That said, don’t panic! It’s highly unlikely anyone is listening to your phone calls. (OK, it’s possible, but you’d have to be incredibly sloppy or unlucky enough to download call-intercepting malware, or targeted by folks who can handle a price tag that hovers north of the $1 million mark.) The more relevant point here is that the big data mills at the NSA that may or may not be crunching your calls don’t care if you’re negotiating the sale of Ford to General Motors, much less if you’ve been naughty or nice – unless you’re a world leader or someone perceived as a threat to America.
So what about the other, more likely ways you may be exposed? There are man-in-the-middle attacks that are fairly affordable for a hacker. There’s malware from friend (hard to spot) and foe (you can’t be alert to every danger every second of the day). It almost seems like the only way to be completely safe from intrusion is to have nothing you wouldn’t want broadcast or skywritten on your smartphone, nothing you wouldn’t want the world to know about in your browser history, not a single text message you want to keep private and no phone calls made or received that you don’t want to share with Dr. Phil and his audience.
Recent news has been nothing less than terrifying. JPMorgan Chase and Home Depot joined the ever-growing list of mega-breach victims. Sony Pictures was gutted, with career-killing emails sent hither and yon, servers erased and trade secrets and intellectual property joyously tossed like flower petals from a float in the Rose Bowl parade. The hack initially stopped the release of “The Interview,” costing the studio millions, and that’s not taking into account future losses associated with class-action lawsuits brought by current and former employees whose personally identifiable information was stolen and published for the world to see, or enforcement actions by various and sundry state and federal regulators. It’s major stuff. And then there were all those other cybercrimes. It all makes for a really uneasy feeling at the workplace.
The trend here is simply too clear: Nothing is sacrosanct, and nothing is beyond reach. And while there may be no way to keep prying eyes out of our email, there is a way to keep the most sensitive information pertaining to your business out of reach. With that thought foremost in my mind, it is, indeed, time to make some serious changes.
Call me old-fashioned, but I think I’d rather take my chances with the government listening to my phone calls. How about you? When I say, “phone call,” I mean literally, like, on the phone-and I say this because, of all the ways we communicate, a landline affords the better shot at privacy and a more secure mode of communication.
The act of getting out of a chair and walking down the corridor to talk to a colleague helps to burn off holiday excesses, builds inter-office rapport and can’t be hacked. Email and text have supplanted the collegial walk-by. There are those who will say that it’s not efficient to pick up the phone. I’m not sure I buy that. Email and text streamline workflow only in theory. Each is just a swipe or click away from the major time-sucks provided by social media. And the interaction that happens without the interference of keystrokes or thumbing a screen provides sparks that just don’t happen in the dynamic-free zone of tit-for-tat correspondence. And again, a face-to-face or headset-to-headset conversation is probably the most secure mode of communication in the post-Sony hack world.
I’m sure it will take some getting used to, but if anyone at my office needs a fast answer from me, I’m going to ask that whenever possible they tap my doorframe or give me a call. Beyond the security considerations, the truth is that I actually like talking to people, and I ultimately learn more about whatever it is we’re talking about. For all their convenience, emails and texts are far from perfect modes of communication. Much meaning is lost when communicating by keystroke. Anyone who’s emailed a sarcastic quip that was taken literally will confirm this.
There are other options. Sony Pictures had to revert to communication via fax during the days following the hack, but faxes leave too much to chance because you never know who’s waiting on the other end of your transmission, and there’s the added possibility that you might dial a wrong number.
If smoke signals weren’t so easy to spot, I’d suggest that route. And while it’s true that you never know when a fake cell tower’s going to roll into your neighborhood, using the phone and having more face-to-face discussions at the office are perhaps the better ways to engage in team building through a group commitment to data security.