Hack-proof website, why not?

Started by October 23, 2015 06:08 PM
93 comments, last by ronan.thibaudau 8 years, 11 months ago

Taking a brief break and looking through the news headlines... and yet another big company's website has been hacked, with customer data scare

TalkTalk cyber-attack: Website hit by 'significant' breach

Talk Talk 'significant breach' could affect all customers

TalkTalk cyber-attack: Boss 'receives ransom email'

Is it that difficult for companies earning hundreds of millions £££s to fence their systems to a hack-proof state? Some don't even auto-encrypt data

Or are cyber-hackers - backed with sustained DDoS attack - just damn too smart?

can't help being grumpy...

Just need to let some steam out, so my head doesn't explode...

Having a lot of money doesn't help when hackers discover vulnerabilities before everyone else.

It's almost impossible to do that.

Our company has roughly 4 million~ lines of code running on various applications.

We had Russian hackers exploit a vulnerability in our server host's hosting panel and load down a bitcoin miner a while back.

So basically if it's made by man, it will be hacked by man.

All hail quantum cryptography!

Beginner in Game Development?  Read here. And read here.

 

Why do so many people think big amounts of $$$ equals being a God?

Thinking a company can make an unhackable website because they have loads of cash is pretty much the same as thinking their CEOs become immortal and immune to diseases because they have a lot of money.

Yes, some huge companies are penny-pinching on security, or have no clue about hiring actually good security developers, which results in jaw-dropping vulnerabilities like storing passwords in plain text in their databases, or not using encryption.

But cheapskate and incompetent companies aside (and boy, there's a lot of them), having lots of money doesn't make it easier to make hack-proof websites.

Security is a cost-center, not a profit center.

Eric Richards

SlimDX tutorials - http://www.richardssoftware.net/

Twitter - @EricRichards22

Taking a brief break and looking through the news headlines... and yet another big company's website has been hacked, with customer data scare

TalkTalk cyber-attack: Website hit by 'significant' breach

Talk Talk 'significant breach' could affect all customers

TalkTalk cyber-attack: Boss 'receives ransom email'

Is it that difficult for companies earning hundreds of millions £££s to fence their systems to a hack-proof state? Some don't even auto-encrypt data
Or are cyber-hackers - backed with sustained DDoS attack - just damn too smart?


Complex software will always have bugs, some bugs can be exploited by malicious users, it is just a fact of life.

The only way to write hack proof software is to stop at hello world (but even then you might still fall victim to security flaws in software other people have written, such as your OS, compiler, vm, etc).
I don't suffer from insanity, I'm enjoying every minute of it.
The voices in my head may not be real, but they have some good ideas!
Maybe all OSes should be written in Lisp and just have the code write its own code. Look ma. No mistakes.

Beginner in Game Development?  Read here. And read here.

 

Why do so many people think big amounts of $$$ equals being a God?

Cus we r 2dumb to no

Thinking a company can make an unhackable website because they have loads of cash is pretty much the same as thinking their CEOs become immortal and immune to diseases because they have a lot of money.

Complex software will always have bugs, some bugs can be exploited by malicious users

Seriously, I think hackers are simply more dedicated to their job than security professionals.

Big companies are very complacent. The medicine is TEST, TEST, TEST AND TEST. If possible hire former professional hackers.

Complacent and penny-pinching. This sums it up.

Security is a cost-center, not a profit center.

can't help being grumpy...

Just need to let some steam out, so my head doesn't explode...

Complex software will always have bugs, some bugs can be exploited by malicious users

Seriously, I think hackers are simply more dedicated to their job than security professionals.

Big companies are very complacent. The medicine is TEST, TEST, TEST AND TEST. If possible hire former professional hackers.

Complacent and penny-pinching. This sums it up.

It's just easier to be a robber than a cop. Hackers have all the advantages, and even when they fail it's just no news. But if a site fails then it's big news. Hackers can also pick the lowest-hanging fruit (the worst-secured sites).
