Local News

NC experts: Companies, consumers bear burden of cyber security

Posted December 19, 2013

— Target may have grabbed headlines Thursday for a data security breach that affected 40 million customers, but hackers have hit plenty of other companies in recent years.

In 2011, Sony revealed 77 million Playstation Network consumers had passwords and emails compromised. And in 2007, the parent company for TJ Maxx and Marshalls reported 94 million customer accounts had personal and financial information exposed.

Laurie Williams, who leads a software security program at North Carolina State University, where she is also a professor, said more than money is at stake when data falls into the wrong hands.

“Every day, more and more software is built that has vulnerabilities in it,” she said. “There are things more important than money, like people's privacy, like people’s lives. Get into medical systems (and) you can start to kill people. (Same with) power grids – just disabling our country.”

She said companies can’t take security seriously enough.

North Carolina Commissioner of Law Enforcement Greg Baker is a former FBI Cyber Crimes Task Force coordinator who argues businesses need to get beyond the notion that security is a costly burden.

He points to Nortel, now bankrupt after suspected Chinese hackers infiltrated the company's computer networks for years.

“I believe it’s a global crisis,” he said. “In the world we live in today, I can tell you there wouldn't be a balance sheet without a strong security posture.”

That means caring about the customer includes heading off the next hacker.

Williams said companies need to make their computer systems a higher priority, “so it's not just about functionality, but security as well.”

Consumers should also take steps to safeguard their personal and financial information.

State Attorney General Roy Cooper exhorts residents to check their bank and credit card accounts often.

“The thing you should do is monitor your account,” he said. “If you haven't accessed your account, you should go online and access it.”

Cooper said sometimes it take years before people realize their information has been stolen.

Consumers can put a security freeze on their credit reports to prevent someone from accessing information, and a credit card offers more protection than a debit card.
Companies also bear responsibility, Cooper said.

“In 2005, we got a law passed in North Carolina that required companies and the government to notify the consumers when there has been a data breach,” he said. “We’ve had over 1,800 data breaches since that law passed that have had to notify our office and over 4.5 million consumers that have had to be notified of a data breach.”

Added Cooper: “It doesn’t mean you will be victim. It just means you should have heightened awareness.”


This story is closed for comments.

Oldest First
View all
  • mafiamic Dec 19, 2013

    Not sure what you are talking about. Credit Card theft is fairly rampant. The good news for the consumer is they are not on the hook for the loses. The bad news for the consumer if the banks and card issuers have to jack up the interest rates to cover all of the theft. Course if you do as I do, and rarely use a card and always pay off the balance in full, then you do not get hammered by the rates.

    The card problems only began when they came out with cards for everything,because both businesses and people became lazy..Before there was only one card Banamericard and when someone had one of those you knew they had money.Banks used to give the loans out..The banks on the corner where the manager knew you.
    Now people don't want to go outside because of their kids or other things so they shop online where hackers and the NSA are watching them.We live in a paranoid fearful country where 75% of the time has no meaning.

  • whatelseisnew Dec 19, 2013

    Hey that is nothing. The OBama site is exposing the info of every person in the country that has an SS number.

  • changedmyname Dec 19, 2013

    You're a mean one, Mr. Hacker...

  • trianglerelic Dec 19, 2013

    Cyber crimes should be reclassified as Acts of Terror and the parties responsible should receive the same warm treatment. A one way trip to Gitmo Sans Trial.