printer friendly version

From the editor's desk: Who hasn’t been hacked?

Stories of companies being breached and infected with malware and/or ransomware are common these days, with the latest SolarWinds (see the MIT Technology Review article at the short link: www.securitysa.com/*mit1) issue being significantly problematic; I assume taking 18 months to recover would be classified as ‘significantly’. It’s getting to the stage where any company (or person) that believes their data and electronic devices are safe should assume they have simply missed the fact that their data is floating around ‘out there’ or being used in identity fraud and other crimes.

Andrew Seldon.

At the same time, there are companies and people that simply assume their systems are fine and adopt the “nobody would want to hack me” philosophy. The same goes for residential estates, “who would want to get hold of our data?”

If you have read Edward Snowden’s book, Permanent Record, which is well worth the read, you might ask why the NSA wants to keep everything you do online recorded forever. Good question, why is something so boring important to them? Apart from the embarrassing things you might have a penchant for looking at online, why would that even be a problem?

The reality is they want to keep a permanent record of all the boring stuff (and either are doing it or will soon be in a position to start doing it). Only they know why. And as the saying goes, “I have nothing to hide, but I also have nothing I want to share with you [or any devious, underhanded organisation]”. (If you’re interested, there is more at the short link www.securitysa.com/*spy1)

But if the NSA thinks your data is worth stealing and keeping, why do you think cyber criminals don’t think the same?

A credit card number is worthless to a criminal these days, but a card and/or bank account number along with an ID, cell number, physical address and so on gives them all they need to get your money. One average person’s data won’t amount to much, but multiply that by millions of hacked accounts and you are in business.

Africa in general is a cyber-crime target due to a lack of skills, lack of money and general apathy, and your information is out there. While companies have escaped any accountability (or even responsibility) for their lack of security and apathy towards users’ personal data in the past, the POPI Act is going to change that and residential estates, large and small, need to be aware of the requirements and consequences of failing to adequately protect sensitive information.

And as Andre Mundell said to me a while ago, “You can’t outsource responsibility [for POPIA]”.

We hope you enjoy and gain value from this edition of the Residential Estate Security Handbook, feel free to share comments and criticisms with me at [email protected]

Share this article:

Further reading: