Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search


Web defacement - could you be next?

The National Party website defacement – could you be next?

By Graeme Sinclair and Rupert Dodds, KPMG

Recently a hacker defaced the National Party website with Neo-Nazi slogans. Aside from acute embarrassment and a hasty shutdown of the site for a security review, it appears that the attack hasn’t caused long term damage to the National Party.

Not everyone gets off so lightly. Security breaches such as website defacements, or theft of data – especially personal data – can be disastrous for the reputation of a business. Customer confidence plummets and the subsequent investigation of the security breach can cause serious disruption within the organisation. The increasing reliance on electronic communication such as the internet and email further exposes the organisation to risk, and a breach of these systems can penetrate deep into the internal workings of the business.

So what can businesses do to protect themselves from the potentially disastrous consequences of a serious security breach?

First, businesses need to understand that security is a very dynamic activity operating in a rapidly changing environment. Software vendors are continually offering patches to keep up with system vulnerabilities exposed by hackers. Network security is like a dam holding water. If any cracks appear in the dam wall they are repaired to ensure that the water won’t seep through and bring the whole lot tumbling down. It’s the same with an organisation’s security systems. Perimeter security keeps unauthorised persons out of the internal network, but often cracks appear and patches have to be applied to protect the system. Therefore, it is crucial that businesses keep up-to-date with the latest patches and fixes offered by software vendors. A bit of time and a few dollars spent here could save you millions.

However, security is not only about firewalls, hackers, and patches. It is also about people and processes. Too often businesses put all of their resources into the technical side of things and forget the rest. The most sophisticated security system in the world won’t protect a business against sloppy password protection. Make sure that passwords are not guessed easily and change default passwords on operating systems regularly. Ensure that staff are aware of their security responsibilities. For instance, it is crucial that they don’t share or write down passwords.

Security management is a multi-faceted discipline and businesses need to make sure that they invest their time and money wisely. They can do this by carefully assessing where the greatest security risks are in their business and allocating resources accordingly. Getting back to the dam metaphor – the biggest cracks usually get fixed first. It’s the same with security management.

An attack on a website like the National Party’s does not happen without the hacker sniffing around the website beforehand to pick up information. How do you monitor and test your systems and staff response to suspicious activity? Some organisations deliberately employ legitimate “white hat” hackers to seek out bugs in their network security and plug them before the real “black hat” hackers arrive on the scene.

The burglar looks for the house with lights off, no dogs and no alarm system. It’s the same with system security. Being smart about security and having appropriate protections in place will reduce the chance that you will be the next red-faced executive explaining yourself to the media and disgruntled customers.


© Scoop Media

Business Headlines | Sci-Tech Headlines


ScoopPro: Helping The Education Sector Get More Out Of Scoop

The ScoopPro professional license includes a suite of useful information tools for professional users of Scoop including some specifically for those in the education sector to make your Scoop experience better. More>>

Big Tax Bill Due: Destiny Church Charities Deregistered

The independent Charities Registration Board has decided to remove Destiny International Trust and Te Hahi o Nga Matamua Holdings Limited from the Charities Register on 20 December 2017 because of the charities’ persistent failure to meet their annual return obligations. More>>

57 Million Users' Data: Uber Breach "Utterly Preventatable"

Cybersecurity leader Centrify says the Uber data breach of 57 million customer and driver records - which the ride-hailing company hid for more than a year - was “utterly preventable”. More>>

Scoop 3.0: How You Can Help Scoop’s Evolution

We have big plans for 2018 as we look to expand our public interest journalism coverage, upgrade our publishing infrastructure and offer even more valuable business tools to commercial users of Scoop. More>>

Having A Cow? Dairy Product Prices Slide For Fourth Straight Auction

Dairy product prices fell at the Global Dairy Trade auction, retreating for the fourth straight auction amid signs of increased production... Whole milk powder fell 2.7 percent to US$2,778 a tonne. More>>


Statistics: Butter At Record $5.67/Block; High Vegetable Prices

Rising dairy prices have pushed food prices up 2.7 percent in the year to October 2017, Stats NZ said today. This followed a 3.0 percent increase in the year to September 2017. More>>


Science: New Research Finds Herbicides Cause Antibiotic Resistance

New University of Canterbury research confirms that the active ingredients of the commonly used herbicides, RoundUp, Kamba and 2,4-D (glyphosate, dicamba and 2,4-D, respectively), each alone cause antibiotic resistance at concentrations well below label application rates. More>>


  • Bill Bennett on Tech