Massive Equifax Hack Shows Cyber Risk to Deposits and Investments Today
- 44% of US population affected by Equifax hack
- Hackers took names, birthdays and addresses, Social Security and driver’s license numbers
- Steve Mnuchin “concerned about the global financial system and keeping it safe,”
- Hacks is a reminder of the vulnerabilities created in a connected world
- Cyber security is a major threat to both banking and financial industry
- Investors should hold physical gold as insurance against hacking and cyber attacks
Last week 143 million people woke up to the news that a data breach at Equifax has left them wide open to financial and identity fraud.
Readers will have no doubt read about the hacking of credit bureau Equifax. Not only were they slow to deal with the issue but three senior executives (including the CFO) sold almost $2 million worth of stock prior to alerting customers to the security breach.
This is the third time in sixteen months that Equifax has been hacked. It is the umpteenth time there has been a data breach at a company that holds financial and personal information of its customers. Each time millions of people’s data and livelihoods has been put at risk.
‘Have no doubt: This means you will be hacked. This means your SIM card will be spoofed. This means someone will try to get into your email and online accounts. This means someone will try to open a credit card in your name.’ John Biggs, Tech Crunch.
Equifax is yet another example of incompetence on the part of data-heavy company, with little recourse for customers affected.
Cyberattacks are continuously evolving into incidents that are relentless and unforgiving. In the last 25 years the sophistication of hackers’ tools has improved.
This recent attack puts the Yahoo breaches of 2014 and 2015 in a rather dim light in comparison to the harm caused by Equifax hackers.
2017 has almost proved to be a coming of age year for hackers. So far this year we have already had the biggest ransomware outbreak that saw data breaches at the NHS, FedEx, Telefonica and Deutsche Bahn.
It is now inevitable that something like this goes on and that we are no longer surprised by it. Why is it happening and what can we do about it?
Why is this happening?
Governments and banks want everything to be digital from online accounts through to digital money. This not only saves them money but also helps with their knowledge about us and means they can continue to print cash without us paying too much attention. They share our information with one another and use this for their own advantages.
As customers we don’t mind this so much because the majority of the time an interconnected world makes our lives easier. It helps us to travel, it helps us to apply for mortgages, it even helps us to book a hotel room with just one click.
The cost of this easy life is the growing threat of hacking. Our entire lives are available to be seen by those who (if they really want it) can get access to it.
We trust these governments and companies not only with our most personal of information but also that they will protect it.
But this is a trust that is not respected by so many organisations.
When it comes to Equifax, customers did not ask them to eat up and store all of this data about them, just for it then to be sold onto marketing companies. It is not the customers’ fault that this data was not kept secure.
Equifax is just one headline in the last month regarding hacks. TechCrunch warns us about a few more:
Hacker group Dragonfly has penetrated operational networks of energy companies that control power grids in the US and Europe, which could allow them to disrupt utilities to hundreds of millions of people
An indefensible vulnerability in all modern cars could let attackers affect sensors, airbags, and anti-lock brakes.
Hackers penetrated voting systems before the 2016 presidential elections, but local officials weren’t warned and the systems haven’t been properly investigated for malware or alterations since.
Hackers are fooling mobile carriers into letting them change the phone associated with a phone number, allowing attackers to empty people’s cryptocurrency wallets
German voting machines can be hacked to change the vote tallies
Hackers want this information for three reasons:
- To show you that they can have it if they want it. For some hackers it can be that the actual hacking is more important than what they can actually do with the data. This motive is becoming increasingly rare.
- To make money from you or the company. This can either be by using your information to steal from you or claim money on your behalf, or by issuing hefty ransoms in exchange for the data.
- Cyber warfare. This is unfortunately the case at the forefront of everyone’s minds when we see big hacks such as the Equifax breach. This has huge implications for not only your personal financial security but also for global safety and security.
Hacking weapons for cyberwar
Avivah Litan, an analyst at Gartner, told NBC News that the data gathered in these data breaches was not necessarily just going to be used to steal money and identities. Instead, it might end up playing a key role in cyber warfare.
“Cyberwar is in large part conducted through data mining and cyber-intelligence…Enemy nation states build databases of Americans that they then use to get to their targets, for example a network operator at a power grid, or a defense contractor at a missile defense company.”
US Treasury Secretary Steve Mnuchin has also recognised how this latest hack is a sign that far worse things could be on the horizon. Speaking to the CNBC Institutional Investor Delivering Alpha Conference in New York Mnuchin said his main concern was “about the global financial system and keeping it safe.”
For those of a more military leaning cyber hacks are very serious indeed. In June the British American Security Information Council (BASIC) released a report entitled ‘Hacking UK Trident: A Growing Threat’. In the report BASIC explained that a successful cyber intrusion could “neutralise operations, lead to loss of life, defeat or perhaps even the catastrophic exchange of nuclear warheads (directly or indirectly).”
What can be done about it?
In the short-term we need to be aware that this latest attack may have some very significant lasting effects.
The hackers have access to victims’ credit files, social security numbers, credit card details and even driving license information. This is not something we can just change the data for. Unless the US government decides to issue new social security numbers and 143 million Americans decide to move house and change their birth dates then this data is permanently vulnerable to exploitation.
Access to this information could result in major financial theft through identity fraud and just plain access to information. The Federal trade Commission told customers last week to file their tax returns early “as soon as you have the information, before a scammer can.”
Companies need to seriously up their game when it come to security of client accounts. In the United States it is not uncommon to be able to access account just through the last four digits of your social security number. If this wasn’t easy to find out before, it certainly is now thanks to Equifax.
Each time a data breach of this nature takes place it seems that the most companies merely breathe a sigh of relief that it wasn’t their systems which were hacked. Those who were hacked issue an apology and resolve to strengthen their systems.
Instead companies should be striving to become tech companies where security is at the forefront of their strategies.
In the long-term consumers need to protect themselves notably against financial fraud but also the impact of cyber warfare on the wider world.
Protect yourself, don’t rely on others
We used to be told that changing our usernames and passwords on a regular basis was good enough to protect ourselves from security issues.
Now, we have no idea where to start when it comes to information stored online. On a daily basis we partake in a panorama of activities that keep us locked into the interconnected world and our data vulnerable.
Of course one of the biggest areas that we are happy to have automated and made as easy as possible is our money. This is both at the end of money creation and our own personal investments.
As hackers and cyber attackers become more sophisticated we need to be ahead of the game.
All manner of financial, government and infrastructure companies have been hacked. It is likely that many of these small scale attacks have been merely testing of defences.
Be aware that in the future a concerted attack on the global financial system would likely include attempts at disabling various exchanges (both stock and foreign exchange). Banks would also be a key target, ATMs and wire transfers could be disabled and bank balances, which are merely digital figures, could be erased.
We are all dependent on technology and the digital monetary system. A cyberattack would economically paralyse our system. The primary wealth would longer be primarily digital – cash, stocks and bonds – access to tangible wealth would be vital.
Whilst it would be imprudent to predict cyber warfare that results in the collapse of the financial system we do believe it would be prudent to take necessary precautions and diversify into physical gold and silver bullion.
Conclusion – buy gold bullion for insurance
As we explained following the possible US Navy cyber attacks:
By owning allocated and segregated physical gold with GoldCore you are protecting yourself against potential hackers in two ways
First: GoldCore works extremely hard to provide the highest level of security for their clients – both online and offline.
Second: Gold is a tangible asset. This means it cannot just disappear at the touch of a few buttons, courtesy of a few hackers. Should there be a global cyberattack on the financial system, the primary wealth would no longer be primarily digital (cash, stocks and bonds etc).
Gold will not only be important because of its tangible nature but also because of its role as a safe haven in times of geopolitical risks. A cyberattack whether on the U.S. Navy, a civilian ship, an election or across the financial sphere is an attack. It is a weapon being fired by one party on another.
These also pose risks to digital gold providers who do not allow clients to interact and trade on the phone and are solely reliant for pricing and liquidity from online portals and online trading platforms.
Those who have outright legal ownership of physical gold and silver coins and bars outside the banking system will weather the cyber storm better than those who do not.
The hope is that these risks will not materialise. Hope is never a strategy. We believe it is prudent to be aware of and take appropriate measures – sooner rather than later – to protect your wealth.
News and Commentary