Equifax breach threatens social security

Joshua Meribole–Staff Writer

In recent years, cybersecurity has been finding itself in the national news coverage, from the hack in Sony to the recent hack of Equifax.

The hacking, however does not remain just within Equifax or other businesses; government institutions such as the National Security Agency (NSA) have suffered as well.

So, what can the public do to better protect themselves from these threats as well as understand them? Dordt faculty and staff members Nick Breems and Doug Tinklenberg weighed in when questioned.

“The more of our lives that are stored in the computer, the more hackers can disrupt that part of our life,” says Computer Science professor Nick Breems.

In recent news, the hack against Equifax compromised the information of 143 million Americans, about 44% of America’s total population of 325 million. According to Equifaxsecurity2017.com, the company knew of the possible vulnerability to their security as was alerted to them 2 months before the hack took place (the attack occurred May 13-July 30). However, details regarding Equifax’ response to the vulnerability are still being investigated.

The stolen information, as detailed in Equifax security report, included: “primarily names, Social Security numbers, birthdates, addresses and, in some instances, driver’s license numbers,” according to an Equifax statement.

Why is this a big deal?

When someone has access to your Social Security, they have access to the many functions of those numbers. They could open credit cards in your name and not pay, which can damage your credit score. Furthermore, they could steal your tax benefits and returns. The real danger is that your identity is stolen, and anyone who has access to it can do as they see fit. However, it is possible to get help with stolen identities from sites such as identitytheft.gov.

“The fundamental problem, as far as I can tell—this is my theoretical Computer Science hat—is that we treat the social security number as both a username and password,” Breems said. He believes there should be a regulatory reform, so that banks would not be able to use Social Security numbers as passwords to prove you are who you say you are.

“There is no such thing as an impenetrable wall; that is true in physical and virtual reality. Even in virtual reality, a sufficiently determined attacker can always find a way to get in.”

Doug Tinklenberg, who works for Computer Services, says that often programs are run by hackers to “sniff ports” so that if a vulnerability is found, those vulnerabilities and the information they protect can be exploited.

In regards to putting your information online, Breems says that when considering putting information online, there are benefits; however, we must ask ourselves the important questions.

“Do the benefits of online banking, of Facebook, of Flickr, outweigh the risk?”

So, how does Dordt deal with cybersecurity threats, and what can students do to prevent being hacked or having their information stolen?

For example, Dordt College has our Social Security numbers, our financial information and other personal information on us; so, how are we protected?

Dordt has three different protections: firewall, encryption and deciphering. The firewall helps limit the traffic that comes into work, all our internet traffic is encrypted and an antivirus program is installed into every Dordt computer to protect against malicious software. Dordt’s use of Microsoft Office 365 also limits phishing mails that may send ransomware.

“We do our best. We don’t have a lot of money and resources at our disposal,” Tinklenberg said.

In terms of security, however, the responsibility lies with everyone.

“Most hacking is caused by human errors,” said Tinklenberg.

It falls to the personal responsibility of users and students in terms of being careful which sites they visit, as well as knowing whether emails that they receive are real or fake. Tinklenberg warns that we should be mindful when using free WIFI of saving passwords and doing online banking. And, in terms of phishing and scam email, when we are not sure if an email is legitimate, we can and should go to Computer Services to find out before opening it ourselves.

If students want to know more about the Equifax breach and the possible risk to their own online accounts and credit, these sites can be of help:

https://www.equifaxsecurity2017.com/2017/09/15/equifax-releases-details-cybersecurity-incident-announces-personnel-changes/

https://www.identitytheft.gov/Know-Your-Rights

 

 

Leave a Comment or Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s