Cyberattack on Equifax confirms vulnerability of US Internet

Global Business

The cyberattack on credit rating firm Equifax compromised the personal information of potentially more than 145 million American consumers. It’s the latest large-scale hack of a U.S. firm revealed to the public.

CGTN’s Jim Spellman reports.

“This is a huge amount of records to be compromised at once. And because it affects nearly everyone who is employed in the United States, you’ll see the impact of this for months and months to come. It will manifest itself in fraudulent e-mails that we might all receive, trying to even steal further information, as well as potential for fraud,” Says Ryan Kalember, an analyst with Proofpoint Cybersecurity Strategy, an internet security company.

In the past, government networks, universities and hospitals have all been the target of cyber-attacks. Some experts say the U.S. system makes the internet vulnerable and difficult to defend.

Most U.S. internet infrastructure is owned and operated by private companies – not the government.  When hacks occur the federal government is sometimes reluctant to share information with private companies and vice versa. Critical information can go unshared- meaning fixes aren’t developed or implemented.

There is no single agency in charge of protecting the internet in the U.S. Even hiring trained cyber specialists is a challenge.

“If I’m a really smart cyber person, and I’m graduating from University of California Berkeley or any university, I’m going to go to one of the big companies where they are going to give me a bunch of money. They are going to pay off my student loans and off I go. What the federal government needs to do is be more competitive,” says Douglas Smith, a former U.S. Homeland Security Official.

Other countries and regions have adopted broad cyber defense measures. In September the European Union rolled out new anti-hacking measures.

The Chinese system, with strong government oversight of the internet, may be better positioned to prevent cyber-attacks. In June, new laws in China came into effect.

We’ve completed working out regulations concerning verification and initial evaluation of data security and information protection. These efforts aim at combating cyber-attacks and online frauds,” said Yang Xiaowei of the Cyberspace Administration of China in September.

The impacts of a major cyberattack on the U.S. could extend well beyond financial crimes.

“Everything is at stake. You and I, our bank accounts getting zeroed out is the best case because for the most part we will be protected. The worst case is they hack the electrical system. They hack into the water system. They hack into the subway systems; they hack into any number of things that would cause havoc,” says Smith.

As part of a solution, security officials would like to see a closer cooperation between the federal government and the private sector to reduce the vulnerability of the U.S. internet.