By Al Dozier
Several local business leaders from the Irmo community recently gathered at the Greater Irmo Chamber of Commerce for some insight into the growing problem of cybersecurity.
Around a dozen people heard a presentation on January 13 on how to prepare for cyber intrusions.
A large number of cyberattacks against U.S agencies, institutions, and companies have made headlines this year. Cybersecurity experts say that these types of damaging attacks are on the rise.
In January of last year, Georgetown County experienced a major infrastructure breach following a sophisticated attempt at cyber intrusion, which most people would have mistaken for being a legitimate email that impacted online systems like email and GIS. Attackers demanded a large amount of cryptocurrency as ransom, which officials refused, opting instead to rebuild its system entirely.
Cybercriminals, believed to be tied to Russia, in May of last year targeted Colonial Pipeline, the operator of the largest fuel pipeline in the U.S. When the hackers infiltrated the system the company quickly shuttered the pipeline to prevent the ransomware from spreading. The shutdown caused gasoline shortage and price hikes for about a week across the East Coast, leading governors in several states to declare states of emergency.
It’s not just the business community, but personal households that are now susceptible to the attacks. “Hackers” often tap into emails and other personal data to ultimately gain access to business records, bank accounts and credit cards.
The Irmo workshop, sponsored by the chamber, was hosted by James Berry, a business development specialist with Custom Cloud Solutions, a technology support business that has offices in West Columbia.
Berry offered explanations on a variety of topics, including The Dark Web; Malware; Ransomware; and other technology buzzwords.
“The bad guys are around,” Berry said, but simple awareness of their behavior can help protect against cyberattacks.
One of the most important things to know about how hackers work is their pursuit of a person’s password and username.
“If they can get into your email, they can find all kinds of things about you,” he said.
Once they access email, hackers can often find birth dates, addresses, credit card information and banking account.
“This is the information they need to hack,” he said.
Don’t use simple passwords. Don’t use the same passwords for different accounts.
Just having some basic awareness about the communications you receive can go a long way to preventing intrusions, Berry said.
For example, if an email appears with a grammar error, that’s a sign that it’s being sent by a hacker.
Also, look at the logo of the message. If it doesn’t match the familiar logo of the source that it claims to represent, that’s another sign.
Hackers often disguise messages as coming from sites often used for financial transactions, such as Amazon and Pay Pal. Recipients should be skeptical if asked to provide account numbers or financial information.
Berry said these are some of the questions you can ask yourself to determine if the message received is legitimate: Was I expecting it? Does the sender normally send this message? Is the sender asking me to give information that I would normally give?
“Malware” short for “malicious software,” refers to any intrusive software developed by cybercriminals to steal data and damage or destroy computers and computer systems. Examples of common malware include viruses, worms, Trojan viruses, spyware, adware, and ransomware.
Berry described the malware as “a malicious attack on your system.”
Berry also referenced the “dark web,” a website where “a lot of bad stuff goes on.”
According to Avast Academy, a digital security website, the dark internet is designed to provide anonymity by keeping communication private through encryption and routing online content through multiple web servers. That’s where the “dark” part comes in. Accessing the dark web requires the use of specific software that keeps you anonymous.
During the meeting, there was also a discussion about the need for insurance for businesses that could face liability if a client’s data is somehow compromised.
After the meeting, participants said they were pleased with what they learned about staying “cyber-safe”.