Nerds with Attitude
On Tuesday, in her virtual town hall meeting with Richard Cordray, Chairman Matz kicked off her portion of the show noting that the use of technology by credit unions will be a major supervisiory focus of examiners this year. On Wednesday, the Federal Reserve confirmed that its computer networks had been hacked, apparently on Superbowl Sunday, resulting in the names of 4,000 banking executives being lifted from its database. This means that not everyone was staring at their TV waiting for the lights to come back on in the Superdome and, more importantly, if your examiner starts criticizing your security you might want to ask him, only half in jest, if the Federal Reserve can’t protect its computer systems, what exactly is your credit union supposed to do?
I pointed out before that except for a couple of lonely voices such as National Security Advisor Janet Napolitano and U.S. Attorney Preet Bharara, not enough people are taking the threat posed by the hacking of our technology infrastructure seriously enough. This is a national problem in need of a national solution and we need legislators to pass laws, the President to use the bully pulpit and the American taxpayer to recognize the need to (GULP!) raise and spend tax dollars to protect our computer systems. Think I am exaggerating? Imagine if we had built the Erie Canal only to find out that some wiz kids could pull the plug or if the mass production of automobiles was subject to a bug that allowed some guy in Romania to control Ford’s Model-T by remote control. This is exactly what’s happening with our technology infrastructure and even if credit unions and banks can hold up their end of the bargain, there is too much that is beyond their control.
So, what needs to be done? First, the laws have to be changed so that all businesses have skin in the game. This means making merchants directly liable for data breaches so that they have the same incentives and obligations to strengthen their technology infrastructure that is already imposed on credit unions. Second, the Federal government has to start explaining to the American public that just as we pay tolls to build highways and bridges we have to be willing to invest in giving governments the resources they need to really take on hackers. The difference is that if you build a road, it is good for several decades, but on the information superhighway, hackers are constantly thinking of ways to put up road blocks and the government needs the resources to keep up. Finally, we need a cultural shift. I think people of a certain age — of course not including your balding blogger — have a soft spot for computer hackers, remembering them as the uber-intelligent, slightly unshaven kids who spent way too much time in the computer room and did things that many of us can’t begin to understand. But, in reality, times have changed. Our infrastructure is under attack, imposing a major illegal tax on our economic growth and its about time we treat these guys like the first class criminals they are. If we don’t, there is not enough credit unions can do to protect their members.