Hackers are ramping up attacks on retirement accounts

Hackers are ramping up attacks on retirement accounts

When we think of cyber attacks we tend to think of ones against companies, large or small, but we as cybercriminals become more sophisticated we are seeing them target a different set of targets. One of these newer targets includes new types of financial accounts, which bleeds over in data privacy, a key aspect of the Foxberry Tematica Research Cybersecurity & Data Privacy Index

 

Bank accounts are a top target for hackers, and retirement accounts may not be far behind. Cybercriminals are moving toward retirement and loan accounts. Although the number of consumers affected by identity fraud has declined between 2017 and 2018, hackers are targeting new types of financial accounts — such as customer rewards programs and retirement plans, according to the 2019 Identity Fraud Study from Javelin Strategy & Research.

Part of the problem is identity theft, which can provide hackers the keys to getting into important accounts.

 

With the burgeoning 5G market expected to hit a tipping point in the coming quarters, giving rise to the industrial internet (otherwise known as the internet of things), we suspect this is only one of many new target vectors we will be reading about in the coming months.

Source: Hackers are ramping up attacks on retirement accounts — how to keep yourself safe – MarketWatch

BMO and CIBC attacks are reminders of the growing cyber threat

BMO and CIBC attacks are reminders of the growing cyber threat

Another reminder that cybersecurity, a key aspect of our Safety & Security investing theme and our Safety & Security Index, is the 21st century version of insuance – one needs to have for when something does go wrong. With $445 billion lost last year to cybercrime, I see that making cybersecurity a must have for companies as well as elevating it past the C-suite and into the Boardroom.

Similar to insurance, people tend to become complacent as the cyber attack headlines die down. As these two attacks show, however, the hackers are not taking a breather and that means cybersecurity growth prospects remain vibrant.

 

 

Bank of Montreal and Canadian Imperial Bank of Commerce (CIBC) announced Monday (May 28) that hackers stole data on close to 90,000 customers.

According to a report in Reuters, Bank of Montreal said it was contacted by hackers who claimed to have personal and financial data on its customers — the bank thinks it’s less than 50,000 of its 8 million customers. The spokesman wouldn’t tell Reuters if customers’ money was stolen in the hack, but did say that the hackers said they would make the data public. The bank is working with authorities and has launched an investigation.

Reuters noted that the Bank of Montreal thinks the attack happened from outside the country and is confident it has shut off the exposure that led to the data breach. Meanwhile, CIBC said fraudsters also contacted it, claiming to have stolen personal and account information on 40,000 customers. Both banks said they have notified customers and urged them to monitor their credit reports.

Source: Bank of Montreal, CIBC Announce Cyberattacks | PYMNTS.com

Pain Points in Investing – Social Security Number as a case study

Pain Points in Investing – Social Security Number as a case study

The core of Tematica’s investing strategy is to look not only for those long-term forces that generate profound headwinds or tailwinds but it also entails looking for those pain points that create an opportunity for those who can best address them. This was one of the focal points we laid in our book Cocktail Investing. Today we will look at one pain point that a significant majority of us in the United States have experienced – the theft of one’s Social Security number. While many focus on the growing cyber threat, this pain point showcases the breadth and depth of our Safety & Security investing theme.

An individual’s Social Security number has become the cornerstone of all identify verification and is key for everything from opening a checking account to getting a credit card or a mortgage, let alone for a medical treatment in the emergency room. Yet that was never the intention behind it. It was originally intended solely to track the earnings history of workers for benefits upon retirement: talk about scope creep!

Clearly, given the various hacks ranging from Equifax to the U.S. Postal Service to the Social Security Department itself, the Social Security number is poorly suited for identification verification and securing one’s personal finances.

By the way, up until 1972 the phrase: “FOR SOCIAL SECURITY PURPOSES — NOT FOR IDENTIFICATION,” was on the bottom of all social security cards!

This issue appears to be finally getting the attention it deserves.

Earlier this month, the Trump administration’s top cybersecurity official said the Social Security number has “outlived its usefulness.” Last week, a top Republican in Congress introduced a bill that would require the major credit-reporting firms to phase out by 2020 the use of Social Security numbers to verify consumers’ identities.

Clearly, we have a very big pain point here with no obviously viable solutions immediately identifiable or available, which makes this a great pain point to track. A google search for “Alternatives to social security number” generates over 9.2 million results. Most likely the solution will be a combination of biometrics and unique code identifiers and most likely, the solution will not be generated by the U.S. Government as that is not where the pain is most acutely felt. There is no real danger to government officials compared to what is faced in the private sector.

There is already considerable discussions from those in D.C. that things need to change, but we suspect that given the enormous benefit to be gained in the private sector, we will likely see private sector solutions emerge and compete against one another. We already have one massive experiment taking place in India where Aadhar, the world’s largest biometric identification system, has been implemented with nearly 1.12 billion individuals.

Pain also means opportunity and this is one we are watching closely.

Source: Social Security Numbers: Hacked, Hated—and Irreplaceable – WSJ

To Prevent a Cybersecurity Workforce Crisis, Education is Key

To Prevent a Cybersecurity Workforce Crisis, Education is Key

As companies develop and respond to ever evolving cyber security threats, the the emerging Connected Car, Connected Home, and the Internet of Things markets will explode the number of potential vulnerabilities, while hackers continue to reinvent their attack strategies. The response requires a vibrant talent pool that can fill in the ranks of new and existing cyber security companies, but the looming pain point is an expected talent shortfall. The problem is a twist on the old baseball saying, “you can’t get the hits if you don’t have the at bats.” In this case, if you don’t have the talent, how will cyber security companies keep up with the hackers? One potential solution to this pain point sits in overhauling our education system. 

The latest U.S. News/Raytheon STEM Index showed that high school students’ interest in technology and engineering grew slightly over the past year. To meet the current and future security challenges, however, more young people must see cybersecurity as a worthwhile career option.

Current estimates mark the talent shortfall at 1 million professionals. A recent study by the National Cyber Security Alliance, with support from Raytheon, explored the talent shortfall in the global cybersecurity industry and found that a fundamental problem was the lack of even a basic awareness of potential opportunities in the field.

Business, policy and technology leaders agree there will be serious implications for the world’s security, safety and economic stability if we fail to foster a cybersecurity workforce.

We must encourage early exposure to technology and cybersecurity careers within our educational systems.

Source: Op-Ed: The Time Is Now to Prevent a Cybersecurity Workforce Crisis | US News