The persistent woes of Equifax — the credit reporting agency responsible for the massive data- breach affecting about 143 million customers earlier this year — are continuing to incite new cybersecurity fears. Last week, the Equifax website featured an error message as the site went down after what appeared to be yet another potential breach.
Late on Wednesday, Ars Technica reported that independent security analyst Randy Abrams discovered the Equifax page was redirecting him to fraudulent Adobe Flash updates. He found that, when clicked, the download links would infect computers with adware. He ran into the phony Flash links on at least three times and shared a video of what he encountered on YouTube.
“We are aware of the situation identified on the equifax.com website in the credit report assistance link,” Equifax spokesman Wyatt Jefferies said in a statement. “Our IT and Security teams are looking into this matter and, out of an abundance of caution, have temporarily taken this page offline. When it becomes available or we have more information to share, we will.”
After the investigation was completed, the company stated the incident was not a breach, as reported by Endgadget. The website was back online by the weekend.
Meanwhile, Congress is considering a national credit freeze in the wake of the Equifax fiasco. Representative Patrick McHenry (R, North Carolina), who introduced the bill, explained, “It protects Americans by creating a national credit freeze that actually works. Finally, it prohibits the largest credit reporting agencies from continuing to rely upon the most sensitive of Americans’ personal information: our Social Security numbers.”
While this isn’t necessarily a bad temporary countermeasure, it does ignore the new cybersecurity fears we are beginning to face as a society. Ending reliance on Social Security numbers is a good thing to do. However, in a time when a single weapon could cause an electromagnetic pulse (EMP) that wipes out the power grid of the entire country, destroys our electronics, and creates “an existential crisis like nothing the world has ever witnessed,” loss of information and operations also demand the attention of Congress.
Further into the future, privacy issues will include protecting brain implants from hackers who attempt to access the human mind itself, and deciding how brain scanning should be used for — and against — citizens. Just as important, the neuroethical discussion needs to start now.
A proactive, science-based approach will be essential to mastering cybersecurity, cognitive privacy, and similar challenges, and both technical and legislative solutions will need to be implemented. Meanwhile, quantum encryption and computing are coming soon, and blockchain is already here, all offering new ways to protect information from prying eyes, if not EMPs.