Our website uses cookies to give you the best experience and for us to analyse our site usage. If you continue to use our site, we will take it you are OK about this. Click on More for information about the cookies on our site and what you can do to opt out.

We respect your Do Not Track preference.

Rodents and hackers Colin Trotter
29 September 2017

soxie2

I don’t usually converse in metaphors and analogies but bear with me as I liken hackers to rodents and discuss security in keeping both of them at bay.

At 5am, our cat Soxie started scratching at the door to be let out. Soxie is one of my perimeter security personnel. It made me think about the steps we take to protect our homes from rodents and the steps we take to protect personal information in the electronic world.

Rodents and hackers alike are constantly probing and attempting to break into your place or your information. Rodents want food, water and shelter. Hackers on the other hand have many different agendas. They might want to steal customer information, corporate secrets, corrupt your data to disrupt your business, hold you to ransom and a myriad of other reasons. Hackers can be state-supported with global agendas, or non-state actors like criminals seeking to profit from your information, or creepy individuals wanting to invade your privacy for the sake of it.

Blocking rodents

What’s the common element between combating rodents and thwarting hackers? Both need security measures that have to be continually maintained and improved, whether it involves protecting your pantry or your data.

Stopping rodents getting in is straight forward. You have to block up holes and gaps. Having ‘perimeter security personnel’ like Soxie is also useful (although cleaning up the bodily remains of his work can be gross). But in the electronic world, things aren’t quite as simple. The risks are higher and the consequences greater.

Hackers attack in many ways, shapes and forms. To defeat them, one of the most critical factors is constant security patching.

Equifax breach

Recently, hackers breached Equifax’s website application software. Equifax is a global consumer credit reporting agency and the breach had the potential to affect the information of 143 million consumers. Fortunately, the credit information of New Zealanders was not affected because Equifax NZ stores its data on servers hosted in New Zealand, and not in the cloud.

Reports say the Equifax breach happened because of an unpatched vulnerability. This gap in security was apparently known about and patchable but Equifax appeared not have made the fix before the breach struck.

Patching holes

As part of our oversight of information matching programmes, we have been pushing for government agencies to lift their game in patching any discoverable vulnerabilities in their communication servers. Equifax – which is not a government agency - was caught out this time. No one can be complacent about information security, not least large holders of personal information.

I am going to give Soxie a treat for his continuing perimeter security work.

Image credit: Grey cat via Pexels

0 comments

, ,

Back

Comments

No one has commented on this page yet.

Post your comment

The aim of the Office of Privacy Commissioner’s blog is to provide a space for people to interact with the content posted. We reserve the right to moderate all comments. We will not publish any content that is abusive, defamatory or is obviously commercial. We ask for your email address so that we can contact you if necessary to clarify your comment. Please be respectful of authors and others leaving comments.

Latest Blog Entries