Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Friday, 29 June 2018 12:07

Hacked or not? PEXA chief ponders the options

Were we hacked or not? Weighty question, indeed. Were we hacked or not? Weighty question, indeed. Pixabay

There are some similarities between the two Australian companies whose defences were breached recently: human resources outfit PageUp People and e-conveyancing platform PEXA.

While the former has been forced to admit that its systems were breached and has received a fair bit of coverage, PEXA has not received half as much attention.

But the acting chief executive James Ruddock seems keen to follow in the footsteps of PageUp People chief executive Karen Cariss, by adopting the "nothing to see here, please move on" method so common in the PR community, even if it serves no purpose.

Ruddock is on record as saying his company was not hacked. When somebody gains access to your systems what do you call it then? A brief visit to make your acquaintance? A stopover for biscuits and tea? Or a goodwill visit to spread the message that all men and women are equal?

But before I put the cart before the proverbial horse, here are some details about the PEXA hack, from the excellent Mortgage Business website. Dani Venn, a former contestant of what passes for a cooking show, MasterChef, lost $250,000 from the sale of her property. This happened because some dude/dudette moved the settlement funds into a bogus bank account.

How did these folk gain access to PEXA's systems? Why, he/she/they hacked into the email account of Venn's conveyancing agent, examined emails this individual had received from PEXA, obtained user credentials and then walked in through Ruddock's front door.

So he wasn't hacked? He was pwned in style, by an adversary who didn't give him a chance by doing it so silently. Would that make him happier?

Of course, PEXA's concern is that the success of an impending IPO, expected to bring in close to a billion, may now be jeopardised.

So Ruddock, much in the same vein as another, much older man who bears the same surname — the elder statesman of the Liberal Party, that champion of immigration, Philip Ruddock — has started spinning.

Like all people who find their systems busted, Ruddock says the company is developing additional security measures. On hearing which, one can only laugh cynically. Too late, old chap, the horse has bolted.

Here's a small passage from Mortgage Business: "According to Mr Ruddock, when PEXA was alerted to the fraud late last week, the company immediately increased its monitoring of potential unusual activity surrounding password resets, new user creations and changes to BSB and account numbers."

So you don't have a shower before you go out but when you discover that the Aga Khan is among your luncheon companions, you dash back and jump headfirst into the tub. You look to buy your toilet paper after settling down on the porcelain.

PEXA may have more anxieties than the average small business that is hacked; it said to have transacted more then $100 billion worth of property since it was set up in 2010 to provide a single e-conveyancing solution for those in the Australian property business.

Additionally, Mortgage Business says a competitor, Sympli, is gearing up to enter the market. Ruddock may now be realising the truth of the saying that misfortunes come in threes. And he could well be wondering when and where the third blow will fall.

Maybe he too, like Cariss, will learn belatedly that you need to put good security in place when you start doing business online, that you need some hardened pros — yes, hackers — on your staff to monitor your systems for untoward activity, and that you need to be willing to spend on security.

Else, you tend to look rather foolish when your systems are hacked and you keep insisting that they were not. Something like One Nation (or is that Half Nation?) leader Pauline Hanson who insists she did not flip-flop on tax cuts, and yet took every possible position, some of which even a seasoned acrobat would find difficult to emulate.


Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has high potential to be exposed to risk.

It only takes one awry email to expose an accounts payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 steps to improve your Business Cyber Security’ you will learn some simple steps you should be taking to prevent devastating malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you will learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments