August 30, 2019 at 4:44 p.m.
Local business leaders learn about cyber threats to companies of all sizes
Local business leaders learn about cyber threats to companies of all sizes
Rimon Moses and Jackie Edwards of RMM Solutions, who led the presentation entitled Cyber Security Tactics for Northwoods Businesses, told the assembled business leaders that hackers are spending ten times what their targets in the U.S. spend annually on cyber security.
Edwards started the presentation, which was sponsored by Grow North, by showing the group a computer display that their company generates that tracks cyber threats worldwide, including their origin point and their targets.
"This is what's called a threat map," Edwards said. "And basically, what this is doing is showing us all the different threats that are coming into the United States right now. And the really scary part about this is it's about a third of what is really happening out there."
According to Edwards, over the course of the day, the pace of cyber attacks tends to increase. But even at its lowest point, the map shows that the "we are always under attack."
"Our personal belief is a layered security approach to things because I don't think that there is one solution or one thing you can do, or two," Moses said. "You need to continue to layer as the threats continue to change."
Moses said the number one question his company gets from customers is how does the company invest in technology and pay for it.
"That's a big deal because technology is expensive so we have ways to help people do that," he said.
Using his rented cellphone as an example, Moses noted that technology is increasingly moving in the direction of renting services such as what his company offers. The most important technology expense for a business is its cyber security, he added.
"How many of you are comfortable with the security that you have? That's a serious question," Moses said. "Does anybody really feel comfortable with the security of your organization or your personal security and that stuff?"
According to Moses, there are five myths about cyber threats that companies need to know about. They are:
• Hackers only go after large companies.
• Small business don't offer anything of value to hackers.
• Most hackers aren't dangerous; they're just teenagers.
• Law enforcement will protect me from a cyber attack.
• Hackers are not well funded.
Moses said believing any of these myths can leave a company open to threats such as ransomware, malware or the theft of data.
In dispelling the first myth, Moses said 43 percent of cyber attacks target small businesses.
"That's a lot, 43 percent. So if you think about the large number of enterprise businesses that are out there, they employ a lot of people," he said. "Like G.E. (General Electric) employs hundreds of thousands of people. They (hackers) do go after those guys, and they go after them hard. But only 57 percent of the time are they going after those companies."
Companies in the Northwoods are easy targets for hackers, he added.
Moses said the second myth persists because small businesses don't know how much valuable information is stored electronically.
"Small businesses and people like us have a lot of information," Moses said. "We have personal data, social security information, we sometimes have credit card information. Everyone in all organizations is involved and has a lot of connection outside of our business or organization; if they can tap into us, they can tap into that."
Moses also said that hackers can use personal information to take out loans, steal identities, make wire transfers and complete other scams. He also warned that companies have a lot of intellectual property that hackers can steal and then resell on the dark web.
According to Moses, hackers usually gain access to a company's computer network via social media. Particularly problematic are cases where employees use the same password for the work computer and their personal social media accounts.
"If they can access those credentials they can access you, they can get into this stuff, and they have a way of getting to a lot of other stuff," he said.
Through social media hackers can get login information, along with the names of other potential targets, he added.
"Through Facebook, (they) can find out who is connected to your account," Moses said.
As for the third myth, hackers should be considered very dangerous to a business, he insisted.
"This is a job, a very lucrative job for people, and I think the last count was there are hundreds of thousands of people that do this type of work every single day," Moses said. "And they're not just in Croatia and they're not in Russia, they're in the U.S. So they're all over and they spend their whole time, as opposed to our guys fixing things, they try to build code and write code that compromises and accesses all of our data. That's what they do for a living, and they're not very nice people. It's a big money business; they spend a lot of money and they make a lot of money."
The fourth myth is easy to dispel, due the sheer number of attacks hackers launch every day, Moses added.
"Unfortunately, law enforcement is not in the business of protecting us from cyber attacks," Moses said. "After the fact, after you've been compromised, they'll come in and try to help you. Sometimes they'll call in the F.B.I. and do some things, but they're just not in on the front end of it."
He said the government has a lot of resources, and a few months ago Rep. Sean Duffy brought some experts in to talk to some of the government's cyber professionals.
"I asked them what they are going to do about cyber security, because it is a big deal," Moses said. "They have a lot of resources, they can't talk about a lot of them, but they are also at a loss at how to contain it because you can't stop the Internet."
For example, it would be impossible to, say, stop all email from Russia or China from entering the United States.
Moses said the government is having a hard time figuring out a strategy for combating the hackers, "so they're putting it all on us (security firms)."
"We have to figure out a way to do it," he said. "Law enforcement, as much as they want to help, they don't have the resources to be proactive here," he added.
Finally, statistics dispel the last myth that hackers are not well funded, Moses explained.
"I can tell you for a fact that hackers spend ten times more than businesses in the U.S. spend," Moses said. "The last count I saw was that in the U.S. we spend about $100 million with protecting ourselves in cyber security protection, hackers globally spend about a trillion dollars creating pathogens and hacking people."
Ultimately, Moses said that the best way to combat the threat posed by hackers is by layering their security, setting up their emails to flag those from external sites, and aggressively teaching and test their employees on how to avoid falling for phishing attempts of other email forms of attack.
He also said that cyber security should be a priority from the CEO down to the lowest level worker who has access to a company's computer network.
The four major forms of cyber attacks are phishing, ransomware, spyware and web-borne malware, he added.
He also urged the business leaders to back up their network to an off-site location on a frequent basis.
"This is a really big deal," Moses said. "And if you're not doing this on a regular basis, you're putting yourself at risk and compromising yourself. Hackers are not looking for the hardest way to get in, they're looking for the easiest way to get in."
Jamie Taylor may be reached via email at jamie@rivernews online.com.
Comments:
You must login to comment.