After being hacked, internet service provider KPN shut down email services to all of its two million customers last Friday, to prevent usernames and passwords from being disclosed on the internet.
Hackers posted usernames and passwords from more than 500 KPN customers on the internet. Or so it first seemed. In fact, the jokers had put data online that had earlier been stolen from web shop baby-dump.nl, and then feigned that it originated from KPN. So it was all a joke.
KPN had been hacked however, but it was few weeks prior to the above incident. For internet security expert, Dr. Michel van Eeten (TPM faculty), it came as no surprise therefore that the company took the alleged disclosure of personal data very seriously: “If I were a customer, I’d have been happy to see that they take the protection of my personal data very seriously.”
But if KPN takes protection so seriously, how then is it possible that they were hacked in the first place? Shouldn’t they improve their website security?
“Huge internet infrastructures like KPN’s contain holes – that is inevitable,” Van Eeten says. “The fact that KPN blocked two million email accounts shows that it is proactive and serious about protection. Believe me, happenings like these are costly to them, since a lot of customers will be angry.”
On a broader level, Van Eeten believes that there is a more serious problem. “More and more companies are collecting personal data for marketing and other purposes,” he says. “Many of the systems used for these goals are amateurish and ramshackle and do not keep pace with the increasing cleverness of hackers. And the problem is that when things do turn bad and data are stolen, well, very often – in contrast to KPN – it doesn’t really affect the company economically. So there is a failure of the market here.”
New laws are currently being worked out that would oblige companies to officially report hacks. Van Eeten doubts whether these laws will also entail harsh punishments for the companies at stake. Harsh punishments, he believes, would undermine innovation: “Companies like to try new things on the internet. Sometimes that means that there are security issues. We have to accept that. But as it stands now, the balance is not right. There’s no accountability at all. We should pay more attention to protecting user data.”
ICT expert Dr. Jan van den Berg, an ICT expert and head of a cybersecurity research group at the TPM faculty, agrees that hacks are in some way inevitable. “The network protocols TCP-IP were never designed for the safe transfer of information,” he says. “The idea behind it is that they form a web, and that if some information centres were to be destroyed, that information could still be transferred.”
At the same time, Van Den Berg also condemns the laissez faire attitude of many internet companies. “But,” he adds, “consumers should also take their responsibility. They shouldn’t use the same passwords for all the sites they visit. And they should install security software on their computer. It would be a good idea if people would need a license before being allowed on the internet, just like you need a license to go on the road.”
If the team’s roster sounds like the setup of one of those typical pub jokes – ‘So two Indians, three Chinese and an African walk into a bar…’ – the punch line is that this brilliantly multicultural student team recently claimed top prize in the ‘2010-2011 Design Challenge’ for their outstanding work on the ‘Intelligent Street Lighting’ (ISL) project.
For MSc student team members Xixi Yao, Jia Chen, Jayakrishnan Harikumaran, Sarah Li, Eyuel Debebe Ayele, and the author of this article, the road to victory began last August when enrolling in the ‘Design Challenge’, a 12-credit course that gives students a chance to work on real projects assigned to them by companies.
The team received their ISL project assignment from Chintan Shah, a TU Delft graduate who presented his original ‘Intelligent Street Lighting’ concept at last year’s ‘Campus Energy Challenge’, where he won first prize.
ISL uses motion detection to make street lights glow. Because normal street lights keep glowing with 100% luminance irrespective of whether any people or vehicles are around, much power and energy is wasted. Motion-based ISL however provides the right amount of light in the right place at the right time: street lights dim to, for example, 50% after 23:00, when less people are on the streets, but then gradually glow back to 100% brightness when the sensors detect some presence.
Shah’s clever ISL concept however still only existed on paper. The TU Delft student team’s brief was to worked closely with Shah and help create a live working demo, a daunting task but one this diverse team was ideally composed to do, as the team members’ specialist areas ranged from Integrated Product Design, Electrical Engineering and Sustainable Energy Technology to Industrial Design and Telecommunications – all knowledge elements the project demanded, as team overcame challenges like figuring out how to use the sensor most effectively and devising a power supply capable of supplying some ISL components with AC and DC power.
To devise a live working ISL prototype, the team had to work well together and fully understand the client’s needs. Hence, in many respects the ‘Design Challenge’ required the team to function like a real company, striving to keep the client happy while also completing necessary but tedious documentation, preparing presentations and testing the final product.
Perhaps most impressively of all was the fact that team members, hailing from very different cultural backgrounds, overcome any and all differences and worked as a true team.
“We were a multicultural team but also an interdisciplinary one as well,” says Jayakrishnan, “That meant minor team clashes had to be resolved and gelling together as a coherent and effective group was essential for the projects’ success.”
Comments are closed.