Critical Social Infrastructure: Responding to Attacks on National ID Systems
Design vulnerabilities, inadequate security measures, targeted
attacks, and flawed engineering have compromised some of the most
sensitive national databases from the US to India, Estonia and
South Korea. In this session, panelists will reframe personal d
27 Minuten
Podcast
Podcaster
Beschreibung
vor 6 Jahren
Eva Galperin, Maya Indira Ganesh Over the last year the world has
witnessed a series of security breaches that have compromised
massive repositories for personal information: the Equifax hack
that compromised the should-be-secret social security numbers of
over 140 million Americans; a breach of India’s Aadhaar biometric
ID database of 1.2 billion citizens; the hack of the South
Korean ID database; the 2015 US Office of Personnel Management
hack; the effects of WannaCry on the British National Health
Service; of vulnerabilities in Estonia’s ID chip card. And there is
no guarantee there won’t be more in the future. The breaches and
hacks of these databases tend to be discussed in terms of
implications for personal privacy, and cybersecurity since data is
viewed as a commodity to be bought and sold. Many of these
databases are in fact public assets. How does the notion of
‘critical infrastructure’ scale beyond physical assets like bridges
and roads or water supply systems? How do we rethink design,
ownership, liability and security when large national databases are
viewed as critical social and public infrastructure? As a national
ID number is used to access a variety of services, we seek to show
how this layer of ‘social infrastructure’ creates challenges for a
variety of industries, social and public systems. We will parse
tensions - and competing interests - at different levels of the
infrastructure stack. Panelists will map the technical, social and
personal impacts of database compromise, and in doing so will look
at the role of various stakeholders and response strategies, as
well as address what governments and individuals can do to take
preemptive security measures. As these systems do not offer
citizens a way to ‘opt-out’, discussion will discuss philosophical
notions of privacy and security, and try to rethink ethics and
accountability in these contexts. The panel will also assess
the new challenges these large hacks have for digital security
trainings and infosec best practices at the individual and
organizational level given the increasingly asymmetrical power
dynamics between citizens, states, corporations, and large digital
artifacts like databases
witnessed a series of security breaches that have compromised
massive repositories for personal information: the Equifax hack
that compromised the should-be-secret social security numbers of
over 140 million Americans; a breach of India’s Aadhaar biometric
ID database of 1.2 billion citizens; the hack of the South
Korean ID database; the 2015 US Office of Personnel Management
hack; the effects of WannaCry on the British National Health
Service; of vulnerabilities in Estonia’s ID chip card. And there is
no guarantee there won’t be more in the future. The breaches and
hacks of these databases tend to be discussed in terms of
implications for personal privacy, and cybersecurity since data is
viewed as a commodity to be bought and sold. Many of these
databases are in fact public assets. How does the notion of
‘critical infrastructure’ scale beyond physical assets like bridges
and roads or water supply systems? How do we rethink design,
ownership, liability and security when large national databases are
viewed as critical social and public infrastructure? As a national
ID number is used to access a variety of services, we seek to show
how this layer of ‘social infrastructure’ creates challenges for a
variety of industries, social and public systems. We will parse
tensions - and competing interests - at different levels of the
infrastructure stack. Panelists will map the technical, social and
personal impacts of database compromise, and in doing so will look
at the role of various stakeholders and response strategies, as
well as address what governments and individuals can do to take
preemptive security measures. As these systems do not offer
citizens a way to ‘opt-out’, discussion will discuss philosophical
notions of privacy and security, and try to rethink ethics and
accountability in these contexts. The panel will also assess
the new challenges these large hacks have for digital security
trainings and infosec best practices at the individual and
organizational level given the increasingly asymmetrical power
dynamics between citizens, states, corporations, and large digital
artifacts like databases
Weitere Episoden
32 Minuten
vor 6 Jahren
25 Minuten
vor 6 Jahren
30 Minuten
vor 6 Jahren
31 Minuten
vor 6 Jahren
55 Minuten
vor 6 Jahren
In Podcasts werben
Kommentare (0)