Ashley Madison affair: When technology meets security risk meets stupid

The ‘terror’ a cheating spouse experiences as they fear being found out is not remotely equatable with suicide bombings or crashing a plane

The homepage of the Ashley Madison website. Per capita only the Swiss and the Spaniards exceed us Irish as Ashley Madison “love rats”
The homepage of the Ashley Madison website. Per capita only the Swiss and the Spaniards exceed us Irish as Ashley Madison “love rats”

I think we all know by now that when the technology world touches the real world, there are security risks inherent in the overlap. Hence we have the constant stream of stories about security breaches, hacks, leaks, data losses and damage.

Then there's that special three-way junction, where technology meets security risk meets stupid. In the Ashley Madison website data breach this week, we have the perfect example of this particular triumvirate. That's why Twitter has lit up with cybersniggers. Honestly, try as one might, it's very hard not to not feel sorry for anyone involved.

Not the people who used the unusual dating site, which matches up people who wish to have extramarital affairs (no need to waste time on vanilla dating sites such as match.com, sleazing about pretending you are single, when you can cut to a much briefer chase on ashleymadison.com).

Nor the people who thought up this company idea in the first place – the kind of start-up you would expect to feature in a satirical plot twist on biting Sky series Silicon Valley.

READ MORE

And the fact that the site and parent company Avid Life Media referred to the hack – supposedly done by insiders – as "cyberterrorism"?

Criminal extortion

Oh, come on. The “terror” a cheating spouse experiences as they fear being found out is not remotely comparable with suicide bombings or crashing a plane. Call it criminal extortion, yes, but it isn’t “terrorism”.

Still, you can kind of feel the pain of Ashley Madison’s users, even if you are tempted to LOL. Unless, I suppose, you are one of the supposed 115,000 Irish users waiting to see if the hackers expose (sorry) their personal data, as threatened.

Apparently Irish people are among the most avid European users of the site, according to a "global infidelity map" tweeted by the company recently. (I know. Where do you even begin?) As my colleague Colin Gleeson noted earlier this week, the map claimed 2.5 per cent of Irish people were among the site's claimed 38 million users. That would be about 115,000 Irish souls.

‘Love rats’

Per capita, only the Swiss and the Spaniards exceed us as Ashley Madison "love rats" (as the UK Daily Mirror terms them).

One has to ask: can there really be that many users in Ireland? Are these active accounts or just “accounts”? Social media companies are notorious for a reluctance to separate active users from people who sign up and do little or nothing.

Anyway, let’s just talk about the stupid part of this data breach.

There shouldn’t be data breaches, but there are. They can happen because of poor site security. They can happen by accident, as when an employee loses a data stick or laptop, has a weak password or is the target of social engineering. They can happen because of disgruntled insiders.

The point is: they happen. All the time.

Breaches are so likely to happen that security experts now tell companies to forget about stopping attacks. Assume you are going to have them and work to mitigate the risk of having hackers inside. How will you contain a breach? How will you protect data from being leaked (encryption, encryption, encryption)? What’s the corporate emergency plan?

It’s not clear yet what security defences Ashley Madison had in place. But in this particular situation, it is the users themselves who also need a bit of cop-on.

That’s where stupid comes in. Thirty eight million degrees of stupid. If you are going to use a website to arrange extramarital affairs (really?), then remember the cheater’s charter that states if you’re going to sneak around, you must accept there’s a reasonable chance you will be found out.

That’s true even before you begin to factor in using a website in an era of data breaches, which creates more potential tangible evidence than, say, secretive texts or regular absences for “work trips”.

Consequences

And to those that say online affairs, like sexy selfies, are a a fact of modern life, stop hiding personal responsibility behind a veneer of technology. No one has invented anything new here on the vice-and-victim scale. Don’t create the evidence if you can’t take the possible consequences.

Consequences were an analogue fact of life too. It’s not like “technology” or “the internet” alters “stupid”. Photos, DVDs and torrid love letters? Evidence. Lipstick on a collar? Receipts for gifts? Evidence.

Technology and the internet simply offer new, ever easier formats for its creation and dispersal.

Don’t create the evidence, the selfies, the texts and the hotels.com dirty weekend bookings if you can’t face the risk of being found out. I don’t care about your morality. It’s just common sense.