Training and awareness is a big part of security standards like ISO27001, NIST, CIS etc. But making it interesting isn't always an easy task.
This is why you need to watch the new 3-part Netflix series, which covers hacking, social engineering, email security, password protection and revenge porn.
WARNING:
This article contains topics some might find shocking and certainly contains spoilers, but it's a story we should explore as there are lessons for us all to learn here.
So come with me and meet the most hated man on the internet.
Who is he?
Over 3 episodes, we get to meet the man behind the website 'IsAnyOneUp.com', Hunter Moore. A self-proclaimed "King of Revenge Porn", he created the website to post intimate pictures of an ex-girlfriend who had dumped him.
Of course, when someone creates something on the internet involving sex and allows users to comment on them, it's going to be popular. If you think this is an exaggeration, then you should be reminded that Facebook started out as a college initiative allowing college kids to rate pictures of each other. It is clearly a safer and less destructive approach, but it is at the top of a very slippery and dangerous slope.
It's important to state that this story plays out principally around twelve years ago when in 2010, Hunter started the website, which quick;y grew to the point where he was earning around $12,000 per month from paid advertising.
What was 'IsAnyOneUp'?
The site was effectively a platform for people to post intimate images of people with the sole purpose of causing harm and distress, which it clearly did. When watching the show, you cannot help but feel chilled at the stories of (mostly) women who talked about receiving calls from friends and family saying, "I've seen naked photos of you on this website!"
But wait… it's not just about images.
If it wasn't bad enough to have highly personal images posted on the site, Hunter went further. He would link the images to the person's social media feeds, such as Facebook and would often post the work and even home addresses on the site.
And of course, there was the comments section… "Slut”, and "Whore” were two words which were used repeatedly used to describe those on the site. The digital 'pile on' was only made worse by Hunter, who provoked and encouraged comments about the people on the site. The comments included threats of rape and physical attacks, which must have been terrifying for the people who now had their personal details exposed to the worse forms of humanity.
Heroes and villains
The Netflix 3part story does a great job of highlighting the heroes and villains, and we should not forget that there were indeed heroes in this story, I would suggest every person (mainly women) who came forward to assist in the investigation against Hunter was a hero, but special praise must go to Charlotte Laws who made it her mission to take action and shut down his operation.
You might be wondering what the police were doing at this time, it's a good question, and the answer highlights how far we have come in a short space of time.
In 2012 what Hunter was doing was not illegal. Indeed his defence is pretty much the same as most platforms, such as FaceBook when it comes to publishing material that is 'questionable'. Their defence is that they are merely providing a platform – it's not THEM doing any wrong, it's the hundreds of people sending in pictures of their ex-partners. The blame (they say) is with the person who took the images and then allowed themselves to be exploited(!) Of course, this is an abhorrent attempt to victim blame and absolve themselves of any guilt, which is why Hunter was repeatedly described as a sociopath.
The Take Down
So if the law hadn't caught up at this point, how was he eventually shut down? Well, although Revenge Porn was not against the law, hacking into someone's computer and personal files is.
Charlotte Laws daughter was just one of Hunter's victims, and it was apparent from the outset that she had never sent her personal images to anyone other than her own online email account. So how had they ended up on Hunters site?
Hunter had colluded with a Hacker who hacked into online email accounts and stole the images.
Ultimately, his illegal access to another person's email accounts put him behind bars, not that he had effectively destroyed people's lives. He had put people at risk of very real harm by posting their images, full names, and addresses and then throwing them to the lowest of low internet trolls to feast upon.
In November 2015, Moore was sentenced to two years and six months in prison and released in May 2017.
Where are we now?
In the UK, there is a law which explicitly addresses Revenge Porn. Not many people know about it, but it certainly prevents people like Hunter from profiting from people wishing to share personal images of people with the intention to cause harm or distress.
Under Section 33 of the Criminal Justice and Court Act 2015, this offence is punishable by up to two years in prison. Revenge porn, also known as 'image-based sexual abuse', is defined as “the distribution of a private sexual image of someone without their consent and with the intention of causing them distress.”
But laws are not enough. We need more education and conversation about this topic.
I am not victim-blaming here at all. However, we need to consider very carefully the very real risk we take when we take explicit images and store them online. We must then also consider who we share them with even more carefully.
Someone who you love and trust today can become your worse enemy tomorrow. It happens. It's reality, and it's a reality of life in the digital age. I would say this is important even when you are in a committed relationship, but on dating apps – I would say it's imperative.
We must remember that sharing images with strangers online leaves us open to numerous risks, including the risk of sextortion.
It's good to talk.
So what should we do? First, watch this show and talk to your families about some of the central themes it raises. From taking personal images for your own pleasure to sharing them with lovers, partners, friends or strangers, what is the attitude of those around you? Do they know the risks?
It is also important to have a conversation about using images to cause harm – sadly, it is mostly men, but women do it too. Using images you have been granted access to, to cause harm is an offence – do our children know this? Do they know the damage they could cause?
As I often tell people in the business world; put this topic on the agenda before it BECOMES the agenda.
Conclusion
Laws are slow to catch up with technology, and our use of it is changing daily. For example, we are already hearing of people being groomed or suffering some form of sexual harassment by people using Virtual Reality headsets.
We need to have conversations with our children because our children grow up as victims or perpetrators. They also grow up to become our employees, leaders, politicians, doctors, and teachers. If we don't face this topic together, then we leave them to face the outcome alone.
Give me a call
If this article has raised some concerns for you, or you would like to talk about how you can raise awareness around Cybersecurity in your organisation, please get in touch.
PS
In the show, the email accounts of many of the victims were hacked. Ensure you have enabled 2-Factor Authentication (2FA) so that anyone logging into your account needs a code to gain access. And remember, if you ever receive a message from someone asking you to send a code that you have received – don't do it.
Comments