The Times Australia
The Times World News

.
Times Media

.

In the wake of recent data breaches, here's why you need to check your credit score. It could even help track down criminals

  • Written by Sascha-Dominik (Dov) Bachmann, Professor in Law and Co-Convener National Security Hub (University of Canberra) and Research Fellow (adjunct) - The Security Institute for Governance and Leadership in Africa, Faculty of Military Science, Stellenbosch Univer
In the wake of recent data breaches, here's why you need to check your credit score. It could even help track down criminals

Millions of Australians have had their privacy breached in recent cyber attacks[1] against Optus, Medibank and other companies.

Cybercriminals stole sensitive health and financial data that can be used for ransom, blackmail or fraud.

Read more: Why are there so many data breaches? A growing industry of criminals is brokering in stolen data[2]

Law enforcement agencies are still investigating the origin of these attacks, but as experts in cyber and national security we can say two things are already clear.

First, anyone affected should check their credit record. Second, Australia’s international cyber engagement strategy[3] – which sets the terms for how we work with other countries to maintain national cybersecurity – is desperately in need of an update.

How to turn data into credit

Cybercrime is most often motivated by making money, as the return on investment can be enormous. One recent estimate[4] suggested a low-end attack costing US$34 could bring in US$25,000, while spending a few thousand dollars on a more sophisticated attack could bring in up to US$1 million.

Hackers might demand a ransom[5] in return for the stolen information. Failing that, they can make money from it in other ways.

In the September Optus attack, for example, data including[6] names, birth dates, email addresses, driver’s licence numbers, and Medicare and passport details were taken.

Read more: Optus data breach: regulatory changes announced, but legislative reform still needed[7]

One quick way to turn these data into money is to use them to apply for credit cards. Many credit card providers, eager for new customers, have very simple and streamlined processes to check identity.

Alongside stolen data such as a name, address and driver’s licence details, cybercriminals will need an email address, a phone number and payslips.

Phone numbers and email addresses used for communication and authentication are easy enough to provide, and fake payslips can be generated using free websites[8].

In some cases, cyber criminals can start using the credit cards instantly if approved. The victim will have no idea about the existence of this credit card unless the credit report is checked as part of a subsequent mortgage or credit application.

How to track cybercriminals

Cybercriminals naturally take steps to remain anonymous. However, applying for a credit card does leave traces that can be used to track them down in the following ways:

  • the phone number used for the credit card application can be tracked, with a court order and the help of the telecommunication service provider
How to track someone’s location with just a phone number.

  • activity on the credit card obtained with the stolen data can also be tracked, as can email correspondence, with the help of the credit card provider

  • any suspicious IP address associated with the credit card can lead to further intelligence on the cybercriminals, and the internet service providers (ISPs) or virtual private network (VPN) providers may assist in tracking down the criminals.

A screenshot from a website showing details of an IP address including its location on a map.
IP addresses can be traced to real-world locations. iplogger.org

A national security issue

The Optus and Medibank hacks have caused significant problems for individuals. They have had to apply for new identity documents, and the final costs are likely to total hundreds of millions of dollars[9].

But preventing cyber attacks can also be a matter of national security, as a recent ransomware attack on an Australian Defence Force contractor[10] has shown.

The data affected in such attacks may easily extend beyond identity theft to include data relevant to national defence, business and society. The risk of these attacks has been recognised[11] in Australia’s cyber security strategy, but more must be done to prevent them.

Stronger rules for data protection

National cyber defence requires a “whole of government” approach, but it needs to go further. The commercial and civilian sectors must be included as well.

Private companies store huge amounts of private data. What they store and how they store it needs to be much better regulated.

The Optus hack, for example, revealed the company was keeping data not only from current customers but also past customers. Given how often customers change telecom providers, practices like this can lead to companies storing huge amounts of unnecessary personal data.

Current penalties for failing to protect customer data are also inadequate. At present, fines of up to A$2.2 million[12] are the only enforceable safeguards available.

These penalties are too small to act as an effective deterrent, and they apply only after a breach has occurred. What we need are strict and enforceable rules regarding the storage of current consumer data and the deletion of past customer data.

Without new regulations, we will continue[13] to see sophisticated cyber attacks targeting the private sector.

Borderless cybercrime

In many cases the cybercriminals are from other countries, which means we need international co-operation to track them down. This is when Australia’s International Cyber Engagement Strategy[14] comes into play.

The strategy, published in 2017, aims to foster increased international attention to cyber threats. It calls for greater co-operation in the region and beyond to mitigate cyber risks.

Australia’s international cyber engagement is distinct from domestic cyber security efforts, which are undertaken under the auspices of the Australian Cyber Security Centre[15].

Cyber attacks of foreign origin are on the rise[16] as a result of current international tensions. The current strategy may no longer be sufficient to address the international nature of cyber threats.

The strategy contains high-level promises of collaboration around strategic interests, but this is only a beginning. To create a comprehensive international cyber defence approach, we will need more detailed working arrangements with overseas partners[17].

References

  1. ^ recent cyber attacks (7news.com.au)
  2. ^ Why are there so many data breaches? A growing industry of criminals is brokering in stolen data (theconversation.com)
  3. ^ international cyber engagement strategy (www.internationalcybertech.gov.au)
  4. ^ recent estimate (www.csoonline.com)
  5. ^ demand a ransom (www.theguardian.com)
  6. ^ including (asic.gov.au)
  7. ^ Optus data breach: regulatory changes announced, but legislative reform still needed (theconversation.com)
  8. ^ free websites (paysliper.com)
  9. ^ hundreds of millions of dollars (www.afr.com)
  10. ^ Australian Defence Force contractor (www.afr.com)
  11. ^ recognised (defence.gov.au)
  12. ^ fines of up to A$2.2 million (www.france24.com)
  13. ^ continue (www.abc.net.au)
  14. ^ Australia’s International Cyber Engagement Strategy (www.internationalcybertech.gov.au)
  15. ^ Australian Cyber Security Centre (www.cyber.gov.au)
  16. ^ on the rise (securitybrief.com.au)
  17. ^ overseas partners (www.homeaffairs.gov.au)

Read more https://theconversation.com/in-the-wake-of-recent-data-breaches-heres-why-you-need-to-check-your-credit-score-it-could-even-help-track-down-criminals-193537

The Times Features

Game of Influence: How Cricket is Losing Its Global Credibility

be losing its credibility on the global stage. As other sports continue to capture global audiences and inspire unity, cricket finds itself increasingly embroiled in political ...

Amazon Australia and DoorDash announce two-year DashPass offer only for Prime members

New and existing Prime members in Australia can enjoy a two-year membership to DashPass for free, and gain access to AU$0 delivery fees on eligible DoorDash orders New offer co...

6 things to do if your child’s weight is beyond the ideal range – and 1 thing to avoid

One of the more significant challenges we face as parents is making sure our kids are growing at a healthy rate. To manage this, we take them for regular check-ups with our GP...

Joykids Australia Presents the Joykids Family Rave: A Weekend Adventure Like No Other

Get ready to kick off the first day of summer and the festive season with an unforgettable family adventure! Joykids Australia is excited to announce the Joykids Family Rave—an...

New study suggests weight loss drugs like Ozempic could help with knee pain. Here’s why there may be a link

The drug semaglutide, commonly known by the brand names Ozempic or Wegovy, was originally developed[1] to help people with type 2 diabetes manage their blood sugar levels. How...

Maintaining Your Pool After a Marble Interior Upgrade

After upgrading your pool with a marble interior, it’s crucial to understand that maintenance is key to preserving its elegance and longevity. You’ll want to regularly skim for d...

Times Magazine

How to Օvercome Լaziness

Everyone has moments of laziness from time to time, when all you need to do is sit or lie down and do nothing. How to overcome this laziness or stop procrastinating. Let's share some useful tips. From time to time, you can afford to be a little...

Beatbot - The ultimate pool cleaning solution

Pool maintenance is somewhere near the bottom of my priority list…until all of a sudden, spring arrives and the endless peppering from kids that want a non-stop pool-fest becomes part of the every day. It’s great fun when the pool is clean, clear...

Tools Necessary for Successful Connector for Wires Installation

For electrical professionals and DIYers alike, having the right tools and understanding the proper techniques for successfully installing a connector for wires is essential. Without the proper tools and understanding of the task at hand, a succes...

The Ultimate Guide for Moving for Seniors

Moving is a major activity, regardless of your age. There are a lot of things to manage and schedule, and the older you become, the more you have to think about. You're not alone if you've decided it's time to relocate but are feeling overwhelmed...

Evaluating the Benefits of Pet Insurance: Is It Really Worth It?

Owning a pet can be one of the most rewarding and fulfilling experiences, but it can also come with significant financial costs. Veterinary bills, prescription medications, and other pet-related expenses can quickly add up, and if you're not prepar...

The Benefits of Collaborative Family Law for Amicable Resolutions

Looking to resolve their disputes outside of court often find themselves exploring various options to reach a peaceful resolution. Whether it involves co-parenting arrangements, financial settlements, or future planning, there are methods designe...

Times Media

Times Men
Times Women
Times Health
Times Fashion & Beauty
The Rural Times
Times House & Garden

News Services

Times Traveller
The Business Times
Weekend Times
The Property Times
The Times
Times Food

Times Media

Times Driving
Modern Australian
Viw Magazine
New Magazine
Business Daily Media
The Bulletin