By Marcus Lavergne
More than 200 billion emails were sent every day in 2015, according to the independent technology market research firm The Radicati Group, Inc. The number is expected to grow to a little less than 250 billion emails a day in 2019. Those emails are being sent by more than 4 billion email users.
The large number of those emails flying through cyberspace isn’t an issue by itself, but in a time where cybersecurity is becoming increasingly delicate due to hackers and data-stealing technology, those emails can result in negative consequences like the theft of personal information and spam accounts.
For journalism students at the University of Nevada, Reno, the chance to begin fortifying their email security came last Friday. Reno’s first crypto-party took place in the Donald W. Reynolds School of Journalism. The event was hosted by assistant professor Ben Birkinbine, who believes there are several steps people should take in protecting their personal data.
Birkinbine’s guest speaker, assistant computer science professor Ming Li, revealed that out of all the email traffic soaring through their servers, 99 percent is unprotected.
“Whenever one of the servers is compromised, attackers can see and steal information,” Li said.
Strong evidence that private data isn’t all that private came in 2013 when actions by former NSA contractor Edward Snowden disclosed the government surveillance of U.S. citizens. That caused a shift in the focus on data protection.
According to a 2015 Pew Research Center survey, 25 percent of U.S. citizens who heard about the surveillance programs reportedly changed the way they emailed, sent text messages and used search engines for the sake of protecting their information.
That’s a small number compared to the 46 percent of people who reported that even after the information came to light, they did not use email protection programs. Pretty Good Privacy, the program used during Birkinbine’s lesson, is one well-known resource used to guard emails.
Perhaps even more frightening, in 2014, the worldwide email service AOL caught national media attention when it revealed that a “significant number” of its more than 120 million users had been hacked. To this day, AOL has not disclosed the exact number, but it did reveal that the hacked email accounts were sending out a link that could cause a malware infestation, viruses and phishing attacks.
Birkinbine says there are several types of security involved when protecting personal information. Human security is a large factor and includes keeping strong passwords, using different passwords with different accounts, and being wary of shared computers.
During the crypto session, students learned about the power of encryption, one of the most effective methods for securing data. Encryption involves a process where encoded data, or ciphertext, is sent to authorized recipients who have the one and only “key” to opening or decrypting the message. This creates a secure link between the sender and whoever receives the content at the other end.
During the Snowden controversy, Snowden relayed his information to Glenn Greenwald, a journalist and co-founding editor of The Intercept. Although Snowden reportedly attempted to teach Greenwald how to use encryption, there were issues — learning gaps that played a part in Snowden’s discovery by the NSA.
“I offered the workshop because I thought it would be important, and that people might be interested, but more specifically for, say, journalism students,” Birkinbine said. “If they’re interested in soliciting sources who want to contact them in a secure manner, that’s one small way that they can signal that they’re able to receive those types of communications.”
Anyone with an email service can find open-source, free tools for encryption or pay for encryption services — something many businesses are investing in today. Although there are several different reasons for approaching encryption measures, the ultimate goal for most is securing the communication network from outsiders.
That being said, Birkinbine says encryption is not an invincible, all-encompassing means for defending that network. Services like PGP can only protect so much, but information including subject lines, times and dates of communication, and one’s network of associates may still be exposed. That’s one reason Birkinbine says it’s important for individuals to “assess their risk level” and determine just how sensitive the information could be.
Birkinbine added that for some, encryption means buying more time before that information is exposed or compromised, namely by the government.
“People look at it and say, listen, political solutions have seemed to have failed when it comes to radical reforms,” Birkinbine said. “Social solutions pop up and sort of subside. You know they may make small progress, but the technological realm is still one where people out there have more knowledge and those people are often tapped by places like the NSA or FBI.”
Although Birkinbine is an advocate of protecting some information, be it from agencies like the FBI or malicious hackers, he does believe the government has a responsibility to develop an improved protocol for dealing with people who would cause others harm, rather than innocent citizens.
There are pros and cons to encryption, but in an age of rapidly growing Internet dependency and lightspeed information transportation, it’s important to exercise tight cybersecurity practices.
In the end, it could make the difference between a secure online conversation and identity or credit card theft.
Marcus Lavergne can be reached at firstname.lastname@example.org and on Twitter @mlavergne21.