November 15, 2011
Ninety percent of what students are communicating is also available to the rest of the world and may be stored forever.
Personal social media accounts can be hacked easier than ever before, and the content you post can make your accounts more vulnerable, said Corey Ciocchetti, a University of Denver professor.
“College students don’t understand the implications of social media ethically, legally or relationally,” said Ciocchetti, who recently presented “Getting Real About Online Privacy” on Oct. 26 at Texas Tech. “It’s a different way of communicating for these students than adults because they have had an online presence their entire lives.”
Sam Segran, Texas Tech’s chief information officer, said there are three types of hackers: the malicious hackers, e.g. the upset girlfriend/boyfriend or a disgruntled ex-employee who wants to cause harm; foreign governments stealing information to gain an advantage; and the largest hackers, the economically motivated.
“Some of these hacks are commercially motivated,” said Ciocchetti. “They want social security numbers, addresses, student numbers, etc. They basically want enough information to sell for target marketing.”
Segran said today’s hackers are organized and so good at what they do that they can match the same person by using information gleaned from many different sites. This amount of information available from different sites makes password security questions vulnerable.
“If you look at Sarah Palin’s account and how it got hacked, it wasn’t that somebody went and guessed her password or hacked it,” said Segran, “they instead went in and looked at her online profile and answered the security questions from the information in her profiles.”
Ciocchetti said this type of profile infiltration arises because there is no filter with college students. When the majority of adults send an email, or post on Facebook or Twitter, they stop and think about what they are going to say, spell-check it, then post it. They carry out their lives in a way that if someone takes a picture at any time it’s not incriminating.
“I try to ask my students, ‘Do you want to post a picture of that kid doing a keg stand?’” Ciocchetti said. “What repercussions will that have for him? Ethically is that the right thing to do?”
Segran said today's hackers are good at what they do, therefore password security is increasingly important.
Students think the information they share is with friends. Segran said students don’t understand that 90 percent of what they are communicating also is available to the rest of the world and may be stored forever.
“We just need to raise awareness around them,” Segran said. “Most of the students who have been burned once will learn very quickly, and their friends will learn very quickly. But if you haven’t been burned, a lot of times they possess this feeling of having a bubble of security around them thinking, ‘It can’t happen to me.’”
There is hope out there, Segran said. The systems students are working with like Facebook, Twitter or LinkedIn were created first and foremost to facilitate and enhance communication easily. These websites’ main goal was to get people out there communicating as quickly as possible.
Good security was not added to these systems until a few years ago, and has been patched on layer by layer. Now, they are trying to play catch up, Segran said. Ultimately security will improve as more tools become available.
Ciocchetti said the federal government and all state governments are not going to lead the way because they don’t understand technology.
“They always react, so we can’t count on them to legislate through this, so it is going to be creative innovations that technology professionals are coming up with that will sort of lead the way,” said Ciocchetti.
The idea of cyber security is becoming a much more important topic the more technology becomes intertwined in people’s lives.
“As technology gets more advanced and the issues get more and more on the table for people to consider, and as life becomes more intertwined electronically, these kinds of security methods and tools will come together,” Segran said. “We just have to go through the learning curve to get there.”