HENDERSON – What’s the best way to combat cyber threats? Some experts say it’s common sense.
Brian Burkett and Darrin Lloyd with AME Group, a company based in Vincennes, Indiana, on Tuesday discussed with members of the Henderson Lion’s Club some of the best ways businesses can protect themselves from cyber threats.
“Cybersecurity is a hot topic,” Burkett said. Going hand-in-hand with that, he said, is “reliable, usable, backup (data) recovery in case someone does get through your security measures. If you own a business and work in a business that runs on computers, this is a talk you need to hear” and act upon.
Lloyd said all the security measures in the world buckle under human error.
“The weakest point in any network, is, unfortunately, we (humans),” he said. “Cybersecurity is one of those things that you have to be aware of everything at all times. It’s also a dry subject until something happens, and then you want to know as much as possible to prevent it from happening again.”
The main objective of an IT security system is to protect the confidentiality of information “and to make sure it’s only being accessed by the people you want it to be accessed by.”
Lloyd said that a computer system’s security can be compromised in three ways — nature, people and malicious software, also known as malware, which is anything that attacks the computer system.
“With nature, do you have all your computers in the basement and does that basement flood? Think about the computer system getting struck by lightning,” he said. “People can also compromise computer security. You have an employee who inadvertently shuts something off.”
However, malware is the main issue facing businesses using computer systems. Lloyd said malware can be introduced to a computer system through an email, a website, or a document sent by someone you don’t know.
Another particularly ugly cyber threat comes in the form of “ransomware,” which is a data-hostage situation, he said. This is literally where data is withheld from its rightful owners and only returned after a ransom is paid.
“Somebody gains access to your computer, mostly it’s through an email,” Lloyd said. “Once you’ve opened the email, everything looks normal to you. But in the background, what it’s doing, is taking your data and encrypting it and locking it. The data stays there, but you don’t have access to it. Suddenly, messages will pop up that tells you if you want your data back, you need to pay a ransom. Often now, these messages come with a timer. If you don’t pay the amount before the deadline, the ransom is increased and it keeps going up and so you pay it just to get access to your data.”
“There’s little or nothing that most IT providers can do to reclaim that data,” he said.
Lloyd said the best way to combat ransomware, “is to have practices in place which involve backup strategies” which aren’t affected by this cyber threat.
Lloyd shared a story involving ransomware which affected a medical practice.
“There was a medical office who got one of these things and everything started grinding to a halt,” he said. “They didn’t call us, unfortunately, and they rebooted everything. That’s when the data locked. The ransomware had been sitting in the system for weeks. They’d been happily plugging in their USB drives and backing up their data. They did this on multiple drives and methodically encrypted every, single drive.”
“We had made several suggestions prior to this (regarding security) which were rejected,” Burkett said. To get their data back and to get the computer system free of the ransomware cost this medical office well over $100,000, he said.
Lloyd said, “there are so many ways that people can come and attack our computer systems.”
If someone sends you a document that you weren’t expecting, it’s probably best not to open it, he said.
Check email addresses to verify the sender, he said, and ask questions. Businesses should have anti-virus software installed and also have good backup solutions.
In the end, Lloyd said, “Network security is up to you.”
Read or Share this story: http://www.thegleaner.com/story/news/2018/01/09/experts-cybersecurity-up-you/1017819001/