Online fraud as simple as 123
As more and more of our transactions and records of our life migrate to the digital world, we can expect the problem of hackers and online fraud to get worse.
One of the funnier things to come out of Australia in recent days is the result of a security audit that found more than 1000 government officials using the ridiculously guessable ‘‘password123’’ to access their computer systems.
It’s even funnier that 200 of the Western Australian government employees simply stuck with ‘‘password’’ to access a database of information containing the personal details of millions of citizens.
But before laughing at the stupidity of our Australian friends, there is no reason to think a similar audit in New Zealand would find anything different. And even if it were to discover we weren’t using the word ‘‘password’’, it would probably find our children and petname passwords weren’t that much safer.
There is a perfectly human reason for the simplicity in our passwords, and that is we need to be able to remember so many. You probably have at least one for work, for your bank, your social media account, your phone’s app store, your email, Netflix, that app you use to find holiday accommodation and that other app you use for music.
The inherent weakness in passwords is why they are likely soon to be a thing of the past, replaced by facial recognition, fingerprint and retina scanning, and something else yet to be invented. But even that won’t keep you entirely safe because passwords and their replacements are just one part of the digital security problem.
A high school in Taranaki was recently hit by a ransomware attack that encrypted thousands of school documents and demanded US$5000 to give them back. This wasn’t personal. It was a computer program that probed millions of computers before finding one with weak defences. That weakness can be as simple as an old operating system or an expired anti-virus programme. Something you might skimp on to save a bit of money.
And while it was a school that got hit, individuals are no safer and often the threat is not locking up information but giving it away for free.
How much would you pay a hacker to refrain from sharing your internet search history, emails and personal files with everyone in your contacts list? Not many of us would come out of that experience with a lily-white reputation intact. For some it could be truly devastating.
Invoice fraud is also a growing problem. Hackers intercept an invoice sent to a legitimate email account, copy it, change the bank account number and send it to the original address. It’s so subtle that few people notice until they’ve paid the bill and are in a shouting match with the genuine contractor who swears they haven’t got their money.
As more and more of our transactions and records of our life migrate to the digital world, we can expect the problem of hackers and online fraud to get worse. The opportunities are immense. In the US, mobile payments on portable devices are expected to reach US$1 trillion next year.
Quite how you protect yourself is an everchanging equation, but a strong password is a start, especially for anyone, corporate or government, with access to personal information.
We all understand the value of a solid door and robust lock in home security. We need to wake up and make sure we treat our digital security with the same level of respect.