Equifax, one of the largest
credit reporting firms in the U.S., announced on September 7th that more than
143 million consumer records had been stolen. Yes, that's right, one of
the organizations charged with safeguarding our credit and personal information
was itself a victim of cyber-theft. To put this into perspective, 143
million records represents nearly half of the total population of the United
States. Additionally, because the hackers got our most personal
information, including social security numbers and dates of birth, the risk of
identity theft could persist for the rest of our lives. Adding to our
sense of helplessness, nothing we could have done would have
prevented the loss of our personal data. Ultimately our data is only as
secure as the locations where it is being held, and increasingly it appears
that no place is safe. Now would be an excellent time for a primal
scream. Go ahead, I'll wait.
According to
Bloomberg Technology, U.S. Companies and Government agencies suffered 1,093 significant
data breaches in 2016, a staggering 40% increase over 2015. Unfortunately,
it looks like 2017 is shaping up to be another record year for hackers. Identities
and credits cards are being stolen, hospital records held ransom, e-mail
accounts compromised, people spied on with their own cameras, and on, and on,
and on. Because so much of our lives are now lived online, this malicious
activity presents an ongoing threat to our safety and security.
So what is really
going on? Clearly, organizations are aware that hackers want to gain
access to their networks, and yet data breaches continue to occur. We
know that stopping cyber-theft is a top priority for organizations, and we can
assume that they have some very smart people working on the problem. That
being the case, how does this continue to happen? One answer seems to be
that large networks are so massive and complicated, that it is impossible for
computer engineers to secure the entire network. In fact, they may even
struggle just to understand where all of the data resides and who has access. As
an example of the challenge, a large data network may generate hundreds of
millions of security logs weekly, with any one of those being a potential
threat. In other words, there is simply too much data for engineers to
analyze in real time and identify potential threats. Another reason data
intrusions are increasing is because our adversaries are becoming more
sophisticated. Criminal organizations or even foreign governments may now
sponsor entire teams of hackers. Additionally, we are no longer defending
solely against human hackers. Increasingly artificial intelligence agents are
being used to probe computer networks for vulnerabilities. Ironically,
going forward, artificial intelligence is also one of the ways that companies
hope to strengthen their network defenses and defend against cyber-intrusions.
So although
there is nothing we could have done to prevent the loss of our personal
information from Equifax, we can definitely limit someone's ability to use it.
In addition to all of the usual precautions, such as regularly changing your
passwords and frequently monitoring your accounts, you may also want to sign up
for a Credit Monitoring service, which will notify you anytime your
personal information is used to open an account. Alternatively, you can opt for
even more protection by placing a Security Freeze on your credit
file. This will ensure that no one can even view your credit file without
your permission. I did this recently and the entire process took no more
than fifteen minutes. In order to place a security freeze on your file
you will need to contact the three main credit reporting firms (Experian,
Equifax and Transunion), either online or via telephone.
In summary, a war for our personal information is raging in cyber-space, and as of now our side is losing.
In summary, a war for our personal information is raging in cyber-space, and as of now our side is losing.
No comments:
Post a Comment