Ananda Mitra - Digital Security, Revised Edition

Copyright 2020 by Infobase

All rights reserved. No part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval systems, without permission in writing from the publisher. For more information, contact:

Chelsea House
An imprint of Infobase
132 West 31st Street
New York NY 10001

ISBN 978-1-4381-8270-4

You can find Chelsea House on the World Wide Web
at http://www.infobase.com

Everyone in the United States is issued a Social Security number that becomes a personal identity code used for many different transactions. When unscrupulous people gain access to this number, they can use it for fraudulent purposes. This happened to a family in Illinois, when the Social Security number of a seven-year-old child was stolen and used illegally in 2008. Gene Haschak of the Daily Herald reported that when the culprit was caught in Illinois, it was found that "he has used the Social Security card with the victim's information to obtain a truck, three separate jobs, gas and electrical service for his home, a credit card, unemployment benefits twice for a total of six months, and over $60,000 in pay and services." This illegal act of fraud, also known as identity theft, is not a new or an occasional incident; new technologies have simply opened up new threats and challenges to personal and public safety. New crimes are possible because a person's identity can be digitally produced, maintained, and manipulated. This chapter looks at the relationship between a person's actual self and his or her digital representation.

People and nations are concerned about their security and safety. They use soldiers to guard the borders between countries, police officers to offer protection inside the country, and locks on doors to keep intruders away from homes. The goal is to protect their space from enemies who might want to violate the space. The December 7, 1942, bombing of Pearl Harbor showed the American people that Japan was the enemy in World War II, just as the September 11, 2001, destruction of the World Trade Center in New York demonstrated that terrorists were bent on targeting Americans. Knowing one's enemy makes one stronger, since it is then possible to construct defenses against the possible enemy attacks. This is one of the reasons why nations require that everyone possess a legal passport before he or she is allowed into a country. The passport identifies a person, and a person who has been previously identified as a possible threat can be stopped from entering the country. This is just one of the ways in which national space is protected. Other ways range from satellite surveillance to border fences that help to protect geographic spaces.

The digital age poses a new vulnerability because digital spaces do not physically exist; cyberspace is built of binary data made up of numbers that reside on numerous computers across the world. A good way of thinking of cyberspace is to imagine it as a large number of computer files residing on millions of computers that are all connected by the Internet. Web sites are a part of this cyberspace, as are the countless e-mails sent daily by millions of people. Because cyberspace only exists virtually, it is impossible to touch it in the way one can touch a piece of rock. There are also no good ways to know who is in cyberspace, because anyone with access to a networked computer can access the Internet and cyberspace. In a world that has learned to protect its real spaces, border control officials often know who has entered a country or police can block off a space under attack by the enemy. It is far more difficult, however, to constantly trace who is in which part of cyberspace; there are too many people in cyberspace, and there are many good methods of hiding one's presence there.

Given these differences between physical space and cyberspace, the ways a person is vulnerable in cyberspace are harder to detect than the dangers in real space. The dangers in real space often have to do with physical injury, where someone can hit another person to break a bone. In cyberspace, there is no real tangible existence, but a person exists as a set of numbers, simply as information, which can become vulnerable because digital information can be easily transformed, stolen, and circulated throughout the Internet. In cyberspace, the attack could be on the information that represents someone, causing great personal, legal, or financial harm. Some individuals are at a greater risk than others because they have a larger presence in cyberspace.

It is now possible for most people all over the world to get on the Internet. In developed countries like the United States, a significant portion of people have Internet access in their homes from using their personal computers. Others have access to the Internet from places like schools, libraries, local universities, and other public institutions. There is access also through Internet cafs and other private institutions that are set up to allow people to connect to the Internet. According to the 2008 CIA World Factbook, there are an estimated 1.6 billion Internet users in the world, 231 million of whom reside in the United States. Internet availability is a little different in developing countries, but an increasing number of people are able to gain access.

In order to gain access to the Internet, an individual must have a computer connected to the Internet. User accounts can offer people access to different parts of the Internet; if one wants to subscribe to Internet-based information services that send periodic updates on topics like world news, the stock market, or the weather, then the user must establish an account with the service provider. Most of the time, the user provides information by completing a form that appears on the computer screen, and the information is stored in a computer information storage system called a database. The person disclosing the information usually does it in good faith, but that information can easily be compromised, as reported in an August 2006 article in USA Today. Reporters Michelle Kessler and Kevin Maney wrote how an employee of former Internet giant America Online (AOL), "without authorization, posted on the Internet the millions of search words typed in by 658,000 users over a three-month period." These words were typed in by users who never expected that the information would become publicly available, but one individual who had access to the information was able to violate the trust of the people who typed the words. While the search words might not be very critical to personal safety, people often give out other important informationsuch as date of birth, gender, Social Security number, or driver's license numberto specific Web sites in order to do a variety of activities, including online banking and social networking. This willingness to send such sensitive information out into cyberspace makes people vulnerable because such information can be misused similar to the search words.

In cyberspace, personal information is a representation of a real person. There are many ways of getting this information, including legally purchasing it. Often, when people disclose personal information to Web sites in exchange for a service or information, they have to accept a license agreement that can allow the company collecting the information to sell the identity information. Such sale of information happens routinely between large corporations, and people can be identified through that process. Information that is collected in a legitimate way, however, can also become compromised, and someone can easily access unprotected information. In May 2006, an employee of the U.S. Department of Veterans Affairs took home a computer with the personal records of 26 million American war veterans. When thieves stole this computer, the personal information of the millions of former soldiers became compromised.