Internet Research Project

Risks from Collecting and Storing Information

Some risks associated with collecting and storing information include cyberattacks such as data breaches, hacking, and identity theft or fraud. When large amounts of personal data are stored by companies or organizations, they can become targets for attackers who try to access sensitive information without permission. For example, the 2017 Equifax breach compromised the personal data of over 140 million people, including names, Social Security numbers, birth dates, and addresses. Incidents like this can have serious consequences because the exposed information can be used to steal identities, open fraudulent accounts, or cause long-term financial harm to individuals. In addition, once personal data is released online, it is often very difficult or impossible to fully remove it, which increases the long-term risk for affected users.

User data can also be sold to third parties, often without users fully understanding how their information is being shared or used. These third parties may use the data for malicious purposes, such as creating fake accounts under other people’s names, sending spam, or causing major financial loss through scams or fraud. In some cases, stolen or sold data can also be combined with other leaked information to build detailed profiles of individuals, making attacks more targeted and harder to detect. Such data can include a user’s name, email address, IP address, physical location, browsing history or driving data, and even sensitive health records. Because this information is so personal, its misuse can lead to privacy violations, identity theft, and long-term security risks for the affected individuals.

These risks are increased by a lack of transparency and user control over how personal data is collected, stored, and shared. Many people are unaware of what information is being collected about them, how long it is stored, or which third parties may have access to it. Because of this, users often do not fully understand the potential risks or how to properly protect themselves online. In many cases, privacy settings can be confusing or difficult to find, which makes it even harder for individuals to take control of their own data. Education and awareness about digital safety, privacy settings, and responsible online behavior can help reduce these risks and empower users to make more informed decisions about their personal information.

For example, 2023 insider leaks at Amazon and Samsung had lasting consequences on those effected

Sources used: Harvard Online shrm.org

How can computing resources be misused and protected?

Computing resources are misused in a multitude of ways, such as hacking, unauthorized access, data theft, and the exploitation of security weaknesses in computer systems. When individuals or organizations fail to properly secure their systems, it can allow the wrong people to gain access to files, accounts, or other sensitive information, including personal data and intellectual property. This type of misuse can have serious consequences for both individuals and businesses alike. Such problems can include financial loss, identity theft, damaged credit, disruption of services, and sensitive information being leaked or sold online. In more severe cases, it can also damage a company’s reputation and lead to more trust-related issues with users.

A large issue with online safety and computer misuse is just plain negligence on the user/individual’s side. Failing to secure data, forgetting to log out, or improper disposal of electronics all fall under this. Negligent acts can lead to a disruption of system services, or data loss and exposure. However, negligence can be countered through regular audits, updating software, and proper education on how to properly use computing resources. Negligence causes a large amount of damage in this area, but it is also one of the most counteractable causes.

Computing resources can be protected by being aware. Using strong passwords or multi-factor authentication can help prevent unauthorized entry. Firewalls and other secure, encrypted protocols can help protect network traffic. Maintaining systems and regularly updating them can also patch out vulnerabilities. Encryption, having backups, and secure data destruction methods can also help with this. However, proper education on the matter can help the average population become more self-sufficient on the topic.

For example, the WannaCry ransomware attack in 2017 misused computing resources by encypting files and using computing systems without information.

Sources used: Iowa State University University of Virginia

How is unauthorized access to information gained?

Gaining access to systems without permission in order to steal or change data, known as hacking, can only happen if the attacker first gets access to a system or account. To do this, hackers often use common techniques such as phishing and social engineering. Phishing is when fake emails, messages, or websites are used to trick people into clicking harmful links, downloading malware, or entering personal information like passwords. Social engineering is when attackers manipulate people by pretending to be someone they trust or by creating urgency to get them to share information. These attacks can often be stopped if people are careful, check if messages are real, and avoid clicking on suspicious links. Being aware of these tricks and learning basic online safety can greatly reduce the risk of becoming a victim.

However, some techniques of hacking do not require directly interacting with or communicating with the target. Malware, for example, involves infiltrating systems using malicious software such as ransomware, spyware, or viruses. Once installed, this software can steal sensitive data, monitor user activity, disrupt normal system operations, or even give attackers remote control over a device. Another common method is credential theft, which focuses on obtaining login information in order to access accounts without permission. This can happen through techniques such as brute force attacks, where many password combinations are tried, keylogging, where keystrokes are recorded, or through data breaches where stolen login details are leaked online. These methods can be especially dangerous because they often happen without the user realizing their system has been compromised.

The exploitation of flaws or vulnerabilities in systems involves taking advantage of weaknesses in software, hardware, or network security to bypass protection measures. These flaws can be known vulnerabilities that have not been patched yet, or unknown “zero-day” vulnerabilities that developers have not discovered or fixed. Attackers use these weaknesses to gain unauthorized access, steal data, or take control of systems. Another common type of attack is a Man-in-the-Middle (MITM) attack, where the attacker secretly intercepts communication between two users or devices. This often happens on unsecured networks, such as public Wi-Fi, where data is not properly encrypted. In these cases, attackers can steal sensitive information like passwords, messages, or financial details, or even alter the information being sent without either party knowing.

For example, the Equifax Breach, where attackers exploited a vulnerability and gained access to personal data, such as SSNs.

Sources used: Paubox Huntress

How can computing innovation be beneficial and harmful??

Computing innovation can potentially boost efficiency, enhance safety, and foster connection between people. Automation and artificial intelligence can analyze and work with large data sets much faster than a human possibly could, helping to improve decision-making and reduce errors. Robots can also handle dangerous or repetitive tasks with little to no risk to human life, which may improve workplace safety and reduce mistakes. In addition, innovations such as the internet, social media, and communication platforms have made it easier than ever for people around the world to connect, collaborate, and share information quickly and efficiently.

For example, artificial intelligence and machine learning can improve customer service through chatbots and speed up medical diagnostics by analyzing patient data. Cloud computing allows users and organizations to store and access data easily from anywhere, making collaboration more efficient. Blockchain technology can provide secure and transparent transactions, which may help reduce fraud and lower costs in financial services. However, it is important to remember that despite the significant advantages provided by computing innovations, they can also have consequences, whether intended or unintended, such as privacy concerns, security risks, or unequal access to technology.

While computing innovations can lead to many positive outcomes, they also have several negative effects. AI systems that are trained on skewed or incorrect data can unintentionally automate and amplify mistakes or biases, leading to unfair or inaccurate results. More advanced forms of cyberattacks can also cause major data breaches or disrupt essential services, sometimes shutting systems down entirely. In addition, automation and artificial intelligence may reduce the need for certain jobs, which could lead to unemployment in some industries. The addictive and highly engaging nature of some computing innovations can also cause physical effects, such as eye strain from prolonged screen use.

Computing innovations such as social media can also lead to emotional and social consequences, including depression, anxiety, and other negative feelings caused by cyberbullying, harassment, and online hate. Overall, computing innovations are extremely powerful but also volatile, meaning they can be both very helpful and very harmful depending on how they are used. Because of this, they should be developed and used carefully and responsibly.

For example, Social Media can connect people globally and help bring attention to important issues. However, it can also be used as a catalyst for cyberbullying, and therefore anxiety and depression.

Sources used: Fiveable Pewresearch