Simple tasks protect against hacking.
With the recent WannaCry and Golden Eye ransomware attacks, hacking is back in the spotlight. Not that it was ever really out of the spotlight, of course.
Hacking seems ubiquitous. But speakers at a recent cyber security forum said businesses can take simple precautions to prevent attacks.
“Things like regular patching and backups offline are still very important and often overlooked,” said FBI Special Supervisory Agent George Chamberlain.
Kevin Thompson, threat analyst for cyber security firm FireEye, said more than 90% of attacks still originate from an email. Take the recent email scam at Southern Oregon University, which cost the school $1.9 million.
Officials sent money owed to its contractor to the wrong bank account based on an email that appeared to come from the firm itself. Checking the email source or confirming the message with someone you know could have prevented the costly error.
RELATED STORY: Cybersleuthing — A peek at Oregon’s new security breach database
If a data breach does occur, the resolution process is much lengthier than you think.
“We’re seeing on average the time from initial infection when the organization is being breached to when we identify it is 100 days,” Thompson says.
Remediating the infection takes about 30 days.
“So 130 days from time of the infection until the attacker is completely removed,” Thompson said. “Think about the amount of damage that can be done.”
Chamberlain said companies often want to resolve the situation quickly by wiping the infected host and moving on. But companies need to understand the scope of the breach.
“What we’ve seen, from experiences in the last two years, companies move on from the breach, and six months later get a call from a shadowy figure threatening to release data,” Chamberlain said. “These aren’t theoretical, we are working with companies that are dealing with this right now.”
Taking the time to find out what data was taken can help businesses make more informed decisions down the road if a shadowy figure calls demanding money in exchange for stolen data.
Chamberlain says the FBI is trying to be actively engaged in local communities. The FBI’s new Tech Tuesday campaign for example, warns of ongoing scams while offering cybersecurity tips.
The public may not perceive the FBI as an open organization, but Chamberlain says he views community outreach and cyber security education as an important part of his job.
“We want people to understand the FBI is a resource,” he says. “We want to get to know people before an incident occurs.”