The news was startling. Reports indicated that a hacker had obtained a massive no-fly list of individuals accused of being potential terrorists. Unofficially called the “terror watch list,” this controversial list includes the names of people who have been flagged by security and law enforcement officials as posing possible risks to civil aviation.
The hacker reportedly scavenged this list from a government agency. The thief made off in the night before the breach was discovered, leaving behind a trail of confusion, questions and a seemingly insurmountable challenge: How do you secure a list of this magnitude, preventing vulnerabilities from being exploited not just now but in the future?
The list is so sensitive it cannot be stored on an unsecure network, particularly one that could be easily accessed by the public. Regulatory agencies have been debating this problem for years, citing the risk to national security and the potential of overreaching data collection as reasons for holding off on using Internet-accessible databases.
The response from the government has been swift; all government officials with access to the list were notified and all databases with the information were immediately taken offline and secured. Officials insist that the list itself remains secure and current, but the breach highlights the vulnerability of security systems and the risk of storing information online.
Experts say that this hack is a stark reminder of why we need to ensure that access to sensitive information is both secure and limited. With cyber-crimes on the rise, the need for increased security and detailed protocols for handling high-level information has become obvious.
The government should reevaluate its security policies and protocols and take steps to prevent these breaches from occurring in the future. A cyber security taskforce should be created to audit existing systems and address any gaps in order to mitigate the risk posed by charged list breaches.
The hacker has yet to be identified and the full scope of their reach is still unknown, but it’s clear that more needs to be done to prevent similar breaches from occurring in the future. The protection of our nation’s data is of utmost importance, and failing to do so could have devastating consequences.
