It has been over three weeks since the PlayStation Network was shut down by Sony following an attack on the service that compromised the personal information of its users. The company has also faced a similar attack on its Sony Online Entertainment property, causing an identical shutdown of all their MMOs, and a third attack was attempted but stopped last weekend. Initially meant to return last week, the PSN was then said to not be back until the end of the month before Sony retracted those statements and claimed they’re not sure when the service will reappear. This overwhelming situation could speak volumes about Sony and its inability to protect its customers and keep their trust, but it also reflects on just how carefree and naive modern society as a whole has become to the idea of giving out personal information in the internet age.
With the evolution of the internet over the past fifteen years, everything has become easier, simpler, and quicker. The blazing speed and ease of use of being able to do almost anything while in front of a computer screen makes the prospect of actually going out to purchase things sound absolutely absurd. Why go out and buy a game when you can have it pre-ordered on Amazon and have it shipped to you on release day? What’s the point of those Xbox LIVE subscription and Microsoft Points cards when you can just grab them while logged onto the console?
Having the ability to grab and go is something that has heavily influenced both society and economy, at least in America, since the 1950s. It is something that the current generation has grown up on, been surrounded by, and made to believe is absolutely 100 percent safe. It is the norm. So when online shops and console manufacturers told us things can be made even easier by trusting them with our personal information in exchange for a faster, more “user-friendly” means of acquiring items, the majority of us jumped on board without hesitation.
We really should have been more wise — perhaps listened more to the teachings and warnings of the generations before us — but we figured these companies couldn’t afford to screw us over. If they did, we’d rise up against them by threatening to no longer use their service before any serious damage culd be done. It was right of us to trust these people, as they did a rather good job for a long time, but unfortunately everyone underestimated one factor: The sheer ruthless determination of anonymous hackers (Not to be confused with Anonymous hackers, who may or may not be responsible for this).
Anyone who is skilled enough and smart enough at hacking computer systems can get into practically anything they want. The only things keeping them from doing so are the fear of being caught and the lack of motivation to go that far. Unfortunately, the recent rise and mild success of the Anonymous group began to show that perhaps performing horrendous acts, hacking or not, through the internet could keep you from getting caught by authorities. This eroded the fear factor for what appears to be a select few connected to the group. All they needed was something like Sony attempting to prove those beliefs wrong, thus kicking the bees’ nest and giving these “righteous” hackers the motivation required. Once that happened, it didn’t take long for us all to suffer.
In underestimating the power of hackers in their ability to perform acts of digital terrorism, Sony did not do what it swore it would for its customers. In simply taking Sony’s word for it, as we had been with countless other companies for the sake of easy accessibility all our lives, we as consumers paid the consequences. Now what we must do is not panic, but instead learn from this, expect better, and demand better.
One solution I would propose when this whole debacle brings itself to an end is that we as customers start appealing for better security from these companies and have them prove themselves by putting their security measures to the test. What I believe must be done is that each industry, or the government, should establish a new non-profit regulatory body to not only test, but enforce and punish the security systems of these services to protect consumers. For the games industry, this agency would operate similarly to the ESRB, but would evaluate and provide information on security. The new entity would hire individuals who are extremely experienced and skilled at hacking security programs. These employees’ actions would be reported and all of their information kept on file, preventing them from using their jobs for personal gain.
Once the new “professional security testers” are in place, they would be tasked with monitoring security systems and their updates from those who provide services that require the personal information of customers. Then, at random intervals throughout the year, these testers would do their best to hack into the system and gain access to the information within. Based on the results, each service would be given a grade and the testers would decide whether it is safe enough to protect from most, if not all, digital terror threats. If a company should fail, not only would it be fined, but also have that failure publicized in order to warn and inform consumers. At the risk of public humiliation, most companies would and should work as hard as possible to ensure their security systems are top notch and virtually impenetrable.
Whether this happens or not, we as consumers need to now realize that the threat of cyber terrorism from hackers is a serious one. We should no longer hand out our personal information for online shopping and services so easily. Society should demand better, and make these companies in one way or another prove that something like this will never happen again. If they do not, then we should all exercise our power and do what many may do with Sony if their situation gets any worse: Leave them, and break them… as they have done with our trust.