How the Ashley Madison Attack Impacted Government Agencies

Cybersecurity
Julie Urban

The Ashley Madison attack has received a lot of attention in the past few months since the attack on the private Canadian firm, Avid Life Media who owns the affair website. So why is it of interest to federal agencies? A lot of email addresses revealed in the database were government email addresses and military email addresses. Although it doesn’t look good, just because these names and email addresses were released, doesn’t prove they were having an affair. Although there are reportedly a lot of .mil and .gov addresses that created accounts, it’s hard to say who was using it. Since Ashley Madison doesn’t send out confirmation emails, it’s hard to prove who set up the account.

However, many people who signed on to Ashley Madison were deceivers not of their spouses, but of Ashley Madison. There were cases of single men and women creating accounts on Ashley Madison in order to spy on a suspected adulterer that they knew for a friend. Just because someone signed up doesn’t mean they were being deceitful, but were in fact deceiving Ashley Madison.

Don Maclean, Chief Cybersecurity Technologist at DLT Solutions, explains, “This has proved to be an interesting and complicated attack. The entire website is based on deceit. Spouses deceiving their partners, and then in turn Ashley Madison was deceiving their customers. Their business was predicated on the notion that they would not divulge their secrets, they would keep them safe and secure, which they did not do. They claimed that if you decided to terminate your account, they would delete all record of you having an account in the first place. This was not true. You’re dealing with a company whose business model and whole premise was deceit. Why would you believe them?”

Now that the data is out, there is another level of deceit occurring as well. There are scam artists and security firms claiming they can delete your name from the database to help you avoid extortion, black mail, or embarrassment. But as it turns out, they are not out to help you, but to scam you. Once they have your email and some sort of indication of concern, they will look up your information in the database, but also try to extort money from you as well.

The hackers who carried out the attack were not necessarily seeking money, but were angry at the premise of the Ashley Madison website. Adultery is wrong for most people, so it’s hard to argue that fighting against it is a bad thing. However, is it really their role as a vigilante? In the aftermath of the attack, it’s been reported that some have even turned to suicide after their names were exposed. The hackers also wanted Avid Life Media to take down other websites, which may not sit well with a lot of people, but aren’t as morally wrong as Ashley Madison.  For example, there was a site that arranged for older women and young men to get together, and younger women and older men to get together. Avid Life Media did not take down the sites and still has not in the months after the attack.

A lot of people were praising the hackers for standing up to a “morally wrong” company. But is this up to the hackers to get to decide which business get to stay in business and which don’t? Regardless of whether you agree with this particular attack, do you really want hackers who thrive in the shadows to decide who stays in business? One thing is for sure - the effects of the Ashley Madison attack will continue to be felt for months to come.

To learn more about the how attack impacted government agencies, watch DLT’s Chief Cybersecurity Technologist Don Maclean explain more:

https://www.youtube.com/watch?v=4Nysa4ha7zM