The Cambridge Analytica-Facebook scandal was to reveal to social media users on both sides of the Atlantic a frightening truth: that they could, by completing a seemingly "innocent" personality test or playing a game online, fall victim to manipulation by companies, political parties or entire governments.
Mr.Kasimis Theofanis, information systems security specialist, reveals....
ERIS PANSELINA
epanselina@ethnos.gr
The Cambridge Analytica-Facebook scandal was to reveal to social media users on both sides of the Atlantic a frightening truth: that they could, by completing a seemingly "innocent" personality test or playing a game online, fall victim to manipulation by companies, political parties or entire governments.
Καθώς ακόμη ξετυλίγεται το κουβάρι του πολύκροτου σκανδάλου και διερευνάται το μέγεθος της ευθύνης των εταιρειών και το κατά πόσο παραπλανήθηκαν οι χρήστες του Facebook που έδωσαν πρόσβαση στα προφίλ τους, δύο ειδικοί σε θέματα κυβερνοασφάλειας, ένας Έλληνας πρώην “χάκερ” και ένας Αμερικανός αναλυτής, εξηγούν στο Έθνος της Κυριακής πόσο ευάλωτες είναι οι πληροφορίες που μοιραζόμαστε στα social media και πόσο επικίνδυνη είναι η “υπερδημοσίευση” των δεδομένων μας.
Fanis Kasimis, one of the most famous Greek hackers, who since 2013 has gone to the "white" side of hacking, explains that sometimes even the terms of use can be "misleading", since it is difficult for users "to see the fine print and know what their data is being collected for". However, as CEO today of Audax CyberSecurity, which shields companies in cyberspace, he believes that a significant part of the responsibility lies with the users. "Everything is published by ourselves. Apart from Facebook, there are a bunch of social networks and messaging apps that, if we put down what we have posted on all of them, we will see that every second of our lives is published," he stresses, speaking to the Sunday Nation.
For his part, Robert Siciliano, an identity theft expert and security analyst at Hotspot Shield, believes that "Facebook, as a technology company that sells its users access to data, bears the greatest responsibility for its misuse." However, he acknowledges that "the platform is also being used irresponsibly by consumers who, although they have information available to them to judge, share too much information."
"A simple hacker, but also state services, track users based on the information they share", Mr.Kasimis stresses in the Sunday edition of Ethnos, who also talks about the practice of "doxing" used by hackers: the collection of all the information one can find about a user from all his profiles, his accounts, his emails, in order to "categorise" the user. "By targeting a person and collecting information about them, they can, for example, figure out which political spectrum they belong to," he says.
Recall that the huge data abuse scandal that broke two weeks ago is primarily political, since the data was used to manipulate voters in order to help Donald Trump win the 2016 presidential election. In the US, where the revelations began, a total of 320,000 people took a personality test via Facebook and unwittingly gave access not only to their own data but also to that of their friends, resulting in a "pool" of over 50 million profiles. The data was then quantified and psychological and political profiles were created, incorporating data from other sources such as electoral rolls. All of this was used to create personalised ads in key states that would ensure Trump's victory.
The revelations caused a global uproar and in recent days one of the most popular hashtags on social networks is #DeleteFacebook, with big tech personalities, such as Whatsapp co-founder Brian Acton, calling on users to delete their accounts on Mark Zuckerberg's platform.
"The deletion of Facebook is justified for some. Although it has some positive uses, at this point anyone who wants to connect with friends, family, colleagues has other options," Siciliano argues, stating that "Facebook is a mess. And those who spend a lot of time on it find themselves in a vicious cycle of wasted time and unnecessary posts and comments." In contrast, Mr. Casimi believes that "there is no reason" to delete Facebook. "I think we give our information to Facebook and to each company. We should not demonize the Internet, it is a tool that with the right moves can be very beneficial," stresses the Greek CEO of Audax CyberSecurity, who urges us to be careful what we post: "What the user can do is to reduce the publication of his information to such an extent that it does not pose a risk to himself and there is protection of himself and his personal data."
However, both experts believe that the scandal and the #DeleteFacebook campaign will not change the social media landscape. For millions of people Facebook is a habit. For some it will be a wake-up call. Those who have been waiting for an excuse may delete it. Others who spend too much time on Facebook won't change anything," says Robert Siciliano, noting that "the only change that will happen is that Facebook will change its relationship with advertisers, but the public won't notice any difference." He believes that despite the platform's announcements of changes in the wake of the scandal, "Facebook cannot dramatically change its usage. You publish your data there, you talk to people, you upload all your moments."
As Mr. Kasimis says, the issue of personal data protection does not only concern foreign countries or only public persons. "In recent years, Greece has been targeted by cybercrime and there are many cases of cybercrime in businesses, organisations, state infrastructure and in social media of celebrities and non-famous people. There are daily cases of fraud and hacking. Anyone who uses the internet, has an email, a profile, gives data that may be useful to some people because they collect it and then sell it," he says. "A credit card email with its pin on the dark web is sold for only 1-2 euros each. However, in recent years there has been a huge turnover in terms of the medical data of each user. Medical personal data can be sold for up to 50 euros in the dark web. They are the target of very large organisations, pharmaceutical companies and there is a very big game on the dark web through specific forums and websites," he reveals.