Last weekend I gave a cybersecurity presentation at the Tallahassee Chamber of Commerce Community Conference.
Eddie Gonzalez Loumiet (CEO-Ruvos) and I walked the audience through common threats, with real-life stories of hacking and the defenses for your business available now.
The most frequent attacks I see are BEC (business email compromise). These could range from gift card schemes (a request to buy gift cards that appear to be from your boss), extortion (pay the hacker or they expose your browsing history), ransomware attacks, and wire fraud attacks.
Most of these use social engineering techniques to gather real information on you to make email attacks seem more authentic.
I shared one true story about a client who received a “gift card” email request; after getting the email request, they bought a dozen $100 gift cards. The hacker then instructed them to scratch the back of the cards and send them pictures of the codes (which is as good as cash).
The person on the other end did not know how to attach the pics to the email so he called our company for help with that.
We quickly cut off the conversation with the hacker and told the person they were being scammed. This individual was incredibly lucky that their photo skills were lacking, and the hack was thwarted.
This kind of hack happens every day.
Have you heard about faux packages from Best Buy or other retailers coming to your mailbox with a gift card, letter on letterhead and USB drive? It’s all fake and you can bet the USB drive is loaded with malware.
Never plug a non-verified USB drive into your computer.
To that end, I set a few USB drives around our cybersecurity presentation last weekend (by the coffee, bathroom and in the ballroom) and as we closed our discussion I asked if anyone plugged one into a computer. Had it been from a hacker they would have been infected.
I had some specialized software loaded on the drives that allowed me to see if anyone plugged it in (thanks, KnowB4). When plugged in, a message from me appears on their screen that said you could have been HACKED, but this is only a test.
That was a nice real-life example of how hacking could look and a great way to keep the audience engaged at a conference presentation.
If you have heard one of my cyber-presentations or read any of my cybersecurity columns over the years you have seen and heard a reoccurring message: It takes everyone getting involved to counter the threats that hackers bring to the table.
This year, we have seen tech giants taking new steps to protect us (and themselves) and the state of Florida has also launched new legislation requiring cyber training and not allowing ransomware demands to be paid by state entities.
Those are great steps, but we also see something else this year that looks extremely interesting — a collaboration between Florida’s education system and the Central Intelligence Agency.
The University of Florida is partnering with the CIA to study cyber incidents and how artificial intelligence can help turn the tide of the war against hackers.
The researchers from UF’s newly launched Florida Institute for National Security will be taking the point on the initiative. Launched in May, the institute is part of a billion-dollar effort on behalf of the university to increase its AI footprint.
Researchers will also have at their disposal the third most powerful computer available to a public university — the HiPerGator supercomputer. It’s the most powerful processor in Florida and can hold almost 250 million books and 40 years of video.
This supercomputer helps students and researchers study all things, from medicine to cybercrime.
Working with the CIA, the HiPerGator should produce innovative knowledge on how to deal with hackers and cyber-incidents. One can assume that this partnership will also inspire more around the nation and world as we work together to fight cybercrime.
It will take supercomputers, CISA, Tallahassee Chamber cyber-presentations, the CIA, and all of us to stop hacking.
Do your part, run phishing email simulations and USB drive tests in your office. See who is your weakest link and most gullible and provide them with cyber-training.
Also, think carefully before replying to a strange text, plugging something in (like a USB drive), clicking a link in an email, or giving away personal info over the phone.
One day artificial intelligence-enabled technology will keep us all safe from online threats, but that day is not today.
Right now, the cyber war rages on, so prepare for battle every time you turn on your computer or phone.
___
Blake Dowling is CEO of Aegis Business Technologies and can be reached at [email protected].