Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Thursday, 06 July 2017 11:23

Public data access will lead to breaches down the line


If the recent Medicare card episode does anything it should make the Australian Government stop and think – and realise that its push to have public data available on the Internet is going to lead to data breaches down the line.

Recent reports said that Medicare details were available for sale on a site on the dark web.

The government was caught on the hop when it surfaced that the Australian Taxation Office was reported to have told its staff that Medicare cards could not be used for identity verification after this information came to light.

But then the ATO quickly withdrew this advice – presumably because it did not gell with the statements being made by Human Services Minister Alan Tudge that all was well and no breach of any kind had occurred.

Tudge was at pains to try and spin the incident as being one of ordinary theft, maybe from a clinic or some place similar.

This points to confusion in government ranks, a situation where the right hand does not know what the left hand is doing. But that is a minor fallout.

Questions should, however, be raised about the crazy push to put public data on the Internet, especially in view of the increasing reports about data breaches, all at websites which were thought to be safe and secure beyond a doubt.

Having data at one's fingertips is very convenient. But convenience is, and has always been, the greatest enemy of security. Even the most junior security professional will tell you that.

Many security incidents occur because data is knowingly, or unknowingly, exposed on the Web. It is trivial to find unsecured data stores – some white hat hackers do it for a living.

From 22 February next year, it will become mandatory for government agencies and businesses/non-profits which have turnover of more than $3 million to disclose any data breaches.

But that will provide small comfort to the individual whose identity is stolen.

Putting data on an intranet is safer, but then again nothing is foolproof. The Stuxnet virus, which disrupted Iran's nuclear programme, was transmitted through an USB stick as the nuclear facility was not on any public network.

But the chances of data exfiltration are greater when a site is connected to the Internet. A little convenience will lead to a great deal of pain later on.

It is probably too much to expect a government, especially one as technologically naive as the one we have, to think seriously about the implications of public data access. But if more people raise doubts about the wisdom of doing so, maybe someone will notice.


Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has high potential to be exposed to risk.

It only takes one awry email to expose an accounts payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 steps to improve your Business Cyber Security’ you will learn some simple steps you should be taking to prevent devastating malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you will learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips



iTWire can help you promote your company, services, and products.


Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments