The Waves of Security Leaks
It's curious how security leaks have evolved throughout the years. First, it all started without any security at all. Many applications, sites, and programs were developed with tons of security bugs. Then, many attacks took place until we started seeing dumps of databases on the internet.
It seems that 2005 was the year that drew major attention to the topic. In 2005, there were at least 136 breaches. After that, more breaches appeared, and some of them were so massive that a new term was coined: mega breaches.
The momentum led to the creation of websites like have i been pwned?, due to the need to check whether your data has been leaked or not.
Despite this already significant wave of leaks, a 2nd wave of government documents began with whistleblowers. The main character behind such leaks was Edward Snowden. He was seen as either a hero or a traitor to his country. Many important revelations about the government abusing its power to spy on its citizens and other countries came to light.
Soon after, came the 3rd wave: industrial secrets. Companies like Sony Pictures and Hacking Team were compromised, and all their emails and files were published on the internet.
Today, we're facing a 4th wave: cyberweapons.
It's probably the worst of all. As many vulnerabilities aren't fixed, despite the numerous news and articles popping up, handing cyberweapons to an extremely poor open-source community (when it comes to security projects, IMHO) is a big deal. Now, script kiddies and skilled attackers can make use of CIA leaked tools or NSA leaked tools [1][2].
Now, I start to wonder what's coming next.
Will the next waves be within the categories of waves listed above, or will they be of a new kind? That's a good question I'd like to know the answer to.
Thank you.