Equifax, one of the three large credit bureaus in the United States suffered a significant breach of security. Hackers had been stealing information of 145 million Americans since March and Equifax discovered it until July of the same year.
Part of Equifax’s business depends on the collection of people’s information and its aggregation. i.e. The company’s information is used to manage unemployment claims, tax credits and, as well known, credit reports. How did hackers manage to steal critical information about 145 million Americans? Follows below a brief timeline.
A year before the company had received warnings about cybersecurity vulnerabilities. One of the key things was a lack of structure when patching their systems. It was unorganized and not rigorous. As an example, many SSL certificates were expired, which meant that communications between computers in Equifax’s network were not encrypted, they also did not offer visibility to monitoring portals to what was going on in their network.
High-depth hacking takes planning and patience. Hackers started by exploiting a vulnerability in unpatched systems to get their foot in the door. Once in, they worked on personifying specific internet addresses to gain access to multiple databases. When all was in place, they proceeded to collect people’s private information (Personal Identifying Information, or PII) at leisure; this took place from March through July.
This timeline gets the question – how will RPA or AI help to improve cyber security?
The answer is simple: versatility and patterns. Software robots can easily be taught to do any of the tasks below that could have hindered the intrusion:
This does not mean that RPA and AI will avoid any intrusions from ever happening, this is impossible as hacking usually exploits voids in human management as we saw above. Where RPA and AI will excel will be at helping minimize risks and increase detection speed. By executing on the items above and any others that might be necessary, RPA and AI will help make your business less susceptible to intrusion.