Network Security

I leave you with the latest article published in different newspapers Joly Group on 14 May. If you prefer you can complete the podium will download in PDF format by clicking here .

A few days ago we all woke up with the news of the theft of personal data of more than 100 million users of Sony's PlayStation Network. We lay hands on the purse and began to call the bank, fearing that not only my email and was sold to the highest bidder, probably my data credit card, too.

Sony blamed the activist group Anonymous hacker to cause, directly or indirectly, that will never be known, the violation of security, data theft that occurred at the same time battling a bout of "denial of service" from Anonymous something like dawdle here and stolen there. The theft took place and was detected on the same day April 20, but we, your customers, we did not know until April 26, nearly a week later, when more than one will be built with hundreds or thousands of dollars less in current account, which, of course, we should not forgive. But this was not the only case, and unfortunately the last. In 2009, 10,000 were stolen access codes to the electronic mail service Hotmail and Facebook nearly two million keys, in all cases, these personal data are put on sale immediately. Companies require us to step in a trail of information systems personnel in the best include your name and email address, but with the advent of online gaming platforms and applications for mobile devices every day happily facilitate dozens of companies in our data from credit cards or debit cards.

Most of the companies working with our credit card data assumed to have invested significant resources to ensure that the information of its users is not compromised, but at the same time, increases the desire by hackers be done with this information. It is not just about email, but my bank account, my address, my tastes and interests ... We are providing data that do not share with close ones, just to play a game online. Is history data theft for selling mail spam companies. Now these rich data are far more lucrative purposes, from requesting a credit to our name we will be forced to return euro euro, up transactions, clearly without our consent and difficult to repay. It is true that we lack a possibly more profound education in the use of protection tools at our disposal.

Surely our keys are weak or are simply neglected and always use the same password for all our accounts, true, but it is not an obstacle to force any company confidential data as we seek to security guarantees, which today are clearly not sufficient. The problem that exists in the background is that these databases are normally stored in countries like the USA and Japan under their own laws, which often protect companies more than consumers, laws that have little to do with the laws of our country. After the incident, Sony has had only two ideas: giving away a free month of service Plus and require all registered PlayStation Network users to change passwords for your accounts before you can enter the system. In principle, nothing we ensure that this data theft can not give back any day. Finally we who must make solutions so that if we have not been attacked on our own, we can avoid it in future. If you are registered on the PlayStation Network and we cancel our credit cards and get new ones and we must change the password on other services that use the same password as on the PlayStation Network so they can prevent those who do have access to the data stolen from Sony .

In Spain they have been about 200 people that have suffered the theft. According to the company, people that Law 16/2009 Payment Services defends these thefts and forces banks to instantly return the amount of unauthorized transactions. We're talking an easy path in complicated theory and practice, which begins when we approach our office may end banking and two months later, claiming the Bank of Spain which we do not solve our bank.

Tags: Alejandro Suarez Sanchez-Ocaña , Joly group , Opinion , tribune