Recently, a new research report released by Duke University has attracted widespread attention, which reveals how cyber attackers can easily obtain sensitive information about U.S. military personnel at a low price, thus posing serious risks to national security. The study found that cyberattackers can obtain military personnel information from data brokers, who collect, aggregate and sell the information for profit. These data brokers include credit reporting agencies such as Equifax and Experian, marketing companies such as Acxiom, and data analytics and risk assessment companies such as Verisk. Additionally, mobile apps have become one of the major players in this space, often collecting user information and selling it to third parties without their knowledge or consent.
The information these data brokers collect and sell ranges from names, political preferences, home and email addresses, GPS locations, financial status and health information. This information is extremely valuable to attackers and can be used for malicious activities such as tracking, fraud, and blackmail. For military personnel, the leakage of this sensitive information may pose a direct threat to national security.
Researchers at Duke University have found that obtaining information on active service members and veterans is so easy and cheap that data brokers even have special campaigns targeting this type of data. The researchers contacted multiple data brokers in the United States and successfully purchased military personnel information. They found inconsistencies in how the brokers verified customer identities and noted that the practices were not adequately regulated by the U.S. government.
While some brokers refuse to sell data to unverified organizations, others appear to be more concerned about the confidentiality of the data purchase than the confidentiality of the actual data. When purchasing thousands of records, researchers managed to obtain sensitive information for $0.12 per record, and for larger purchases, the price could even be as low as $0.01 per record.
To further verify the situation, the researchers tried purchasing data using US domains and .asia domain names linked to Singapore IP addresses. Shockingly, some brokers agreed to provide thousands of records even using .asia domain names, including one in Washington. Geofence data for strategic locations such as the District, Fort Bragg, North Carolina, Fort Appy Hill, Virginia, and Quantico.
In response to this problem, researchers from Duke University made suggestions in the report. They argue that some state-to-state espionage operations are particularly interested in the U.S. military's data and recommend that lawmakers enact a comprehensive privacy law to force control of the data brokerage ecosystem and call on Congress to provide more funding to support regulators in enforcing new policies. .
This research report reveals from the side the huge threat that cyber attacks pose to national security. At the same time, in order to protect the military and national security, there is an urgent need to take action to strengthen data protection and regulatory measures. Only with legislative and financial support can we ensure that data brokers adhere to strict regulations, protect personal privacy, and effectively combat cyberattacks.
This study is a wake-up call that we must not ignorecyber securityimportance. It highlights the importance of measures we need to take to protect our military personnel and the nation's sensitive information to ensure national security is not threatened. Only through comprehensive privacy laws and strong regulatory measures can we effectively combat this growing cyber threat.
chief security officersuggestion:
We should pay attention to and enhance public security awareness, educate people on how to protect their personal information, and push the government and relevant stakeholders to strengthen supervision of data brokers. We must push lawmakers to take action and provide regulators with adequate resources to ensure they can effectively carry out their responsibilities and protect our national security.
Through the analysis of the results of research in American universities, we cannot turn a blind eye to this. We must use a sharp point of view to call on all sectors of society to work together to develop and implement stronger measures to ensure the security of our country's military personnel and national sensitive information. Only in this way can we effectively respond to increasingly complex and widespread cyberattack threats and protect our national security.
Original article by batsom, if reproduced, please credit: https://cncso.com/en/uncontrolled-data-trading-industry-poses-national-security-threat-html
