In this Cybersecurity Insider podcast episode, host Yigal Behar focuses on how hackers target valuable data.
Yigal, a seasoned cybersecurity consultant, shares his background, explaining how he gained experience working for Avnet Deloitte & Touche Ltd in Israel from 2000 to 2004. During this time, he helped government agencies like the Prime Minister’s Office and the Social Security Administration, as well as banks and private companies.
In 2004, Yigal moved to the U.S. and founded a second business, dedicated to providing cybersecurity solutions for small businesses. His company formed partnerships with CPA firms and law firms, helping their clients tackle security challenges. He then addresses the audience directly, asking them to consider who they are: small business owners, executives, or employees looking to prevent data theft and safeguard their privacy.
Yigal then hints at the topics they will cover during the webcast.
Agenda
- Yigal discusses the limitations of traditional cybersecurity solutions.
- He explains that businesses, whether small or large, often rely on familiar tools like firewalls and endpoint protection (e.g., McAfee, Norton Antivirus).
- These traditional tools are no longer sufficient to provide the necessary security in today’s growing threat landscape.
- Many companies continue to use these outdated solutions despite their inability to keep up with modern cyber threats.
- Yigal plans to explore why these traditional methods fall short in today’s environment.
- He will discuss the 2019 threat landscape and how new cyber threats expose weaknesses in older security practices.
- The episode introduces the concept of cybersecurity “transistors” to illustrate why traditional solutions are ineffective.
- Yigal promises actionable steps for improving cybersecurity defenses that businesses can implement immediately to strengthen their security.
Steps Not To Be A Sitting Duck
Yigal shifts focus to the steps companies need to take to avoid being passive targets for cyberattacks. He points out that many businesses, even large enterprises, fail to prioritize cybersecurity correctly. Some don’t fully understand how security works or what actions are necessary to strengthen their defenses.
Improving a company’s cybersecurity posture is an ongoing process. Just like a business gradually grows through small steps, cybersecurity also requires continuous, incremental changes. He reiterates that making these small adjustments is key to enhancing a company’s security posture.
Free Bonus
Yigal announces a special bonus offered during the webcast—an information technology access control and use policy valued at $500. He explains that having employees sign this policy can significantly help companies improve their security. However, Yigal warns that if a company monitors its employees without informing them, it could lead to legal issues, especially if the matter ends up in court.
He advises businesses to use the policy wisely by having their lawyers review and modify the document as needed. Yigal stresses the importance of ensuring the policy is properly written and updated, including customizing it with the company’s name. He also recommends that employees sign the policy every year and that it be included in the company’s handbook to formalize the process.
Evolution Of Cybercrime
In this portion, Yigal discusses how crime has transformed over the years. Traditional crime was often committed with a gun and had a limited impact, affecting only a small number of people.
In contrast, modern cybercrime has drastically expanded its reach. With advancements in technology, a single attack can now affect millions of people worldwide.
Yigal stresses how easy it has become for cybercriminals to wreak havoc with just a computer, a keyboard, and a mouse. He notes that even basic online searches can provide access to powerful tools, making it simpler than ever to launch devastating cyberattacks.
Equifax Case Study
Yigal then discusses the fallout from the Equifax data breach, which has led the company to pay at least $650 million in what is described as the largest-ever data breach settlement. He uses this high-profile case to highlight the potential consequences for smaller businesses facing similar breaches.
Yigal points out that statistics reveal a harsh reality: after a data breach, a small business may only have about six months before it has to shut down. Unlike Equifax, which has the financial resources to absorb such losses and recover, small businesses often have limited resources and may struggle to survive after a major breach.
He also notes that the Equifax breach resulted in several high-level executives stepping down, including the Chief Technology Officer, Chief Information Officer, and Chief Information Security Officer. This illustrates the severe internal and external repercussions of such security failures.
Yigal addresses a common misconception among small business owners, who might think that their smaller scale makes them less likely to be targeted by hackers. He firmly refutes this notion: even businesses with seemingly less valuable data are at risk and should not underestimate the potential threats.
Data Breach
Yigal presents findings from a 2016 research study conducted by the Ponemon Institute. The research surveyed small companies about their experiences with cyber attacks. According to the results, 55% of respondents reported having suffered a cyber attack in the past year. Additionally, 50 percent of those surveyed had experienced a data breach, where attackers were able to extract data from their systems.
Yigal points to a critical issue: despite the high incidence of cyber attacks and data breaches, only 14 percent of small businesses reported having the necessary budget, expertise, and tools to effectively prevent or detect such breaches.
Spring Hill Medical Center
Yigal also shares a troubling update about the Spring Hill Medical Center. He reveals that the center has been hacked twice in a short period, with the most recent attack occurring just two days ago.
When a business suffers repeated breaches, it often indicates deeper problems with their cybersecurity practices. He suggests that the organization likely has substantial gaps in their approach to cyber protection, whether due to a lack of expertise or misaligned priorities.
Yigal then transitions to discussing the 2019 threat landscape, indicating that understanding the current state of cybersecurity threats is essential for improving protection strategies.
Cybersecurity Trends
Yigal shifts focus to examining current cybersecurity trends, emphasizing their importance in understanding why traditional security solutions may no longer be adequate. He presents a graph illustrating malware trends over the past nine years, which shows a dramatic increase in the volume and variety of malware.
Yigal points out that the graph reveals billions of different types of malware spreading globally, targeting businesses of all sizes—small, medium, and large.
Threat Reports
Yigal looks into the findings from Webroot’s threat reports for 2017, according to which 94% of all malware is unique to single incidents, rendering traditional signature-based antivirus solutions largely ineffective. He explains that traditional methods rely on malware signatures to detect threats, but with such a high percentage of unique malware, these signatures quickly become obsolete.
It can take time for antivirus companies to analyze new malware and release updated signatures. During this lag, if a new malware variant infects a computer through a phishing email or other means, existing antivirus solutions may not detect it because they lack the necessary signatures.
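The effect of one-off samples and signature lag on exact-match detection, as an added example that is not from the webcast. The incident stream, sample bytes and lag values are constructed, and the model assumes the vendor sees every sample on the day of its first incident.

```python
import hashlib
from collections import Counter

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def build_incidents():
    """Constructed stream: one incident per day for 100 days.
    Days 0, 17, 34, 51, 68, 85 reuse one sample; every other day is a one-off."""
    incidents = []
    for day in range(100):
        if day % 17 == 0:
            payload = b"constructed-sample-reused"
        else:
            payload = b"constructed-sample-variant-%d" % day
        incidents.append((day, payload))
    return incidents

def unique_share(incidents) -> float:
    """Fraction of incidents whose sample appears in exactly one incident."""
    counts = Counter(sha256(p) for _, p in incidents)
    return sum(1 for _, p in incidents if counts[sha256(p)] == 1) / len(incidents)

def simulate(incidents, lag_days):
    """Exact-hash signature scanning. A signature exists only once the vendor
    has seen the sample and lag_days have passed (assumed model)."""
    first_seen = {}            # sample hash -> day of first sighting
    detected = missed = 0
    for day, payload in incidents:
        digest = sha256(payload)
        published = digest in first_seen and first_seen[digest] + lag_days <= day
        if published:
            detected += 1
        else:
            missed += 1
        first_seen.setdefault(digest, day)
    return detected, missed

if __name__ == "__main__":
    stream = build_incidents()
    print("one-off share:", unique_share(stream))
    for lag in (2, 20):
        print("lag", lag, "days -> (detected, missed) =", simulate(stream, lag))
```

A one-off sample is always missed here because its only sighting is also the first time anyone could have written a signature for it; shortening the lag only helps with the reused sample.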
Yigal also discusses another critical finding from the report: 90 percent of successful data breaches are caused by human error, specifically when individuals click on malicious links or open infected email attachments. He notes that while there are other types of attacks, such as drive-by downloads, he will not delve into those details at this moment.
Phishing Email
Yigal then tackles the prevalence of phishing attacks and the importance of training employees to recognize and avoid them. He shares an example of a phishing email he received, using it to illustrate common tactics used by attackers.
Yigal points out that the email pretends to be from FedEx and includes an attachment, which is unusual because FedEx typically does not send attachments in their notifications. He explains that opening such an attachment can trigger a JavaScript file that downloads ransomware onto the computer.
He continues by describing the WannaCry ransomware, which gained notoriety the previous year. WannaCry encrypts files on infected computers and servers, rendering documents inaccessible. Yigal warns that even cloud applications like Dropbox are not immune, as ransomware can also encrypt data stored in these services.
Yigal also mentions a newer tactic where hackers use infected computers to mine cryptocurrency. Instead of encrypting files, they leverage the computer’s resources to generate cryptocurrency, effectively rendering the computer unusable for its owner while the hackers profit from the mining activity.
Cryptojacking
Yigal introduces the concept of “cryptojacking” malware, which uses compromised websites to secretly mine cryptocurrency. He explains that this type of malware embeds code into legitimate websites without the user’s knowledge.
Since the mining occurs through the website, traditional security solutions, including firewalls and antivirus software, often fail to detect it. This is because there’s no malicious file downloaded onto the computer; the attack leverages a “fileless” approach that doesn’t create physical files that could be scanned and identified by security systems.
Yigal also discusses the vulnerabilities associated with the Internet of Things (IoT), meaning the risks posed by network-connected devices like printers, security cameras, modems, and routers. He shares an example involving network printers. Research by Check Point revealed that these multifunctional devices, which can print, scan, and fax, have vulnerabilities. An attacker could exploit these vulnerabilities by dialing into the modem and sending a specific code to the fax function, causing it to forward all faxes to another number. This allows the attacker to access sensitive information stored on the printer.
Network printers are essentially computers with specialized functions, even though they lack traditional computer peripherals like keyboards and mice. This example illustrates how even seemingly innocuous devices can become security risks if not properly managed.
Risk Management
As the webcast continues, Yigal addresses how businesses can protect themselves from cyberattacks. He stresses the importance of risk management in cybersecurity. The goal of risk management is to reduce risks to an acceptable level through various protective measures.
Yigal also advises considering cybersecurity insurance as an additional layer of protection. He explains that such insurance can help cover damages in the event of a cyber incident, providing a financial safety net if things go wrong. This way, businesses have some form of support to mitigate the impact of security breaches.
Updates
Yigal outlines practical steps businesses can take to improve their cybersecurity defenses immediately.
- Keep Systems Updated:
  - Ensure all systems, including computers, laptops, servers, firewalls, and printers, are up to date.
  - Install available patches to address vulnerabilities.
  - Acknowledge that while updates can introduce new issues, the risk of not updating is greater than the potential problems.
- Implement And Test Backups:
  - Maintain a robust backup system that not only stores data but also can be restored effectively.
  - Regularly test backups to ensure they can restore operations.
  - Prepare for scenarios where access to physical offices might be restricted, such as floods, weather issues, or other disasters.
  - Verify that backups work, as many people fail to do this, which can lead to issues during a crisis.
- Use Unique And Strong Passwords:
  - Avoid reusing passwords across different accounts.
  - Steer clear of simple or easily guessable passwords like “123456” or “password.”
  - Create unique passwords for each account.
Protecting Against Exploited Leaked Passwords & Accounts
Yigal then addresses the issue of leaked passwords and accounts, where breaches, such as the Equifax case, expose email addresses and other sensitive information. Hackers can exploit this data in various ways, including sending phishing emails or buying leaked data on the dark web to use against individuals.
Yigal recommends password updates every three months. He advises that each account (whether it’s email, Facebook, LinkedIn, or others) should have a unique password. Although keeping track of many passwords can be tough, making these changes is very important for better security. He understands this can be hard but assures listeners that taking these steps is key for staying safe.
Bottom Line
In this section of the webcast, Yigal shares the steps for protecting company data and ensuring business continuity.
- Establish A Cybersecurity Program: Have a cybersecurity program to ensure business continuity over the next six months.
- Conduct A Risk Assessment: According to Yigal, many businesses skip this critical step. Risk assessments check all settings, applications, and solutions for network breaches. It’s essential for identifying and addressing overlooked details that impact data protection.
- Develop A Remediation Plan: This helps address gaps identified during the risk assessment. Implement measures to strengthen security based on the assessment findings.
- Ensure Ongoing Maintenance: Businesses must regularly check and update security measures as well as continually verify that systems remain properly configured and secure.
Yigal explains that hackers are constantly changing their tactics, and trends in cyber threats change frequently—sometimes even every month. He gives an example of how a security tool like McAfee, which might have been effective when first installed, could become outdated as new types of attacks emerge. This means businesses need to stay updated with different tools and solutions that might better address the current threats. Cybersecurity is fundamentally about risk management, aiming to reduce the likelihood of network breaches.
How To Get Started
Yigal offers five key points to consider on how to get started.
- Free Audit Offer: Yigal announces that they are providing a free audit service for both existing and new customers. This service is available by application, meaning they need to approve your situation before proceeding.
- Audit Details: The audit involves assessing your business’s current security setup and identifying any issues. If you have specific concerns or areas you haven’t yet considered, the audit will address those.
- Scorecard and Remediation Plan: After the audit, you’ll receive a scorecard that outlines what actions are needed. This includes a remediation plan to address identified risks.
- Feedback and Optimization: The audit results will help tailor and improve their cybersecurity services based on your current needs and pain points.
- No Sales Pitch: Yigal assures that this audit is not a sales tactic. They are not looking to sell additional services but aim to provide valuable insights and support.
The goal is to help businesses better understand their security posture and ramp up their defenses without any pressure to purchase additional services.
How to Sign Up for Your Free Audit Service
- Sign-Up Instructions: To get started, visit the specified link and submit your information. This will initiate the review process for your application.
- Personal Interview: After your application is submitted, Yigal will likely reach out for a personal interview. This step ensures that all details are up-to-date and helps Yigal understand your specific needs.
- Application Approval: Following the interview, your application will either be approved or declined. Given the limited number of available slots, applying soon is recommended.
- Next Steps: Upon completing the audit, you will receive a remediation plan. You can choose to implement the recommendations yourself, delegate them to your IT team, or disregard them.
- Additional Resources: All participants will receive a complimentary offer via email. Yigal also encourages you to download his FREE book.
Yigal thanks everyone for their participation and will keep listeners informed about future webcasts.