Cybersecurity as a Constant: Mac Talks Hacks and Attacks

January 13, 2022
https://macguyvertech.com/wp-content/uploads/2022/01/pexels-tima-miroshnichenko-5380649-1280x853.jpg

Cybersecurity is no longer as easy as occasionally running a virus-detection program. Hackers are now a highly-organized, intelligent threat to big and small businesses, continuously scanning networks, software updates and remote workplaces for potential vulnerabilities. Steve McKeon (Mac), of MacguyverTech sat down to discuss the “Cyber Criminal and Hacker Pandemic” on the “Best Kept Secret with Jay Kingley” podcast on Centricity earlier this month.

Business owners do a top-to-bottom scrub of their security systems, check that box, then maybe look at it again a year or two down the road. What’s wrong with this picture?

“Well, that’s a good approach to start with. But to be effective in this fast-changing world, do this on a regular basis. It’s good to check that box once, but at least every quarter or even more than that will be better. There are so many companies hacked, or at least something happens every day. And a lot of times that happens because they checked that box one time and said, ‘You know what, we’re good to go with cybersecurity.’

Then things change. These hackers are very sophisticated. They’re not just doing a one-time scan with one tool. They’re changing tactics constantly, and integrating things like artificial intelligence to constantly tweak and find vulnerabilities that weren’t present when the scan was done. Software is an ever-changing system. Web pages change all the time, browsers change, programs and operating systems like Microsoft Office and Windows are always changing. So that’s a very common misconception, just a one-time check and think they’re good. Cybersecurity is all about persistence, and you have to handle it in that manner.”

This is an issue that only large multinational companies have to worry about: Facebook, Microsoft, Amazon, etc. If you’re running your own business, a small or mid-market company, why would they come after you?

 “That’s a bit of a misconception. Hackers know smaller companies don’t have the funds or the infrastructure to proper defend themselves. The hackers have a sophisticated team going after one target, and they’re looking to disrupt business as usual. The misconception is what everybody sees on TV: a kid in the basement wearing in a hoodie, a little bit of an outcast. In reality these are well-trained, sophisticated teams and units working together in tandem to take down targets in unison. It’s almost impossible to defend against them if you don’t have the proper defenses. The normal antiviruses that you might think is a good defense isn’t good enough these days. These guys have great tactics.”

So cybersecurity is an ongoing, rather than episodic activity. It’s not the old antivirus software that it used to be 20-25 years ago. It’s really a multi-faceted approach, which I assume is partly systems, but also partly human. What are some of the things on the human side that companies need to better train their employees about?

 “I think this is the biggest overlooked area – social engineering. They’re using social media and other online services to build profiles on people and their targets. What they do is they’ll impersonate you, or try to be friends. Their goal is to get you to click on a link in an email or web page. As soon as you click that link, the game is over. They get in and they bypass all that sophisticated security, and now they’re behind basically enemy lines. Once they get in, within milliseconds, they’re installing other things to prevent you from removing them and trying to jump to other systems. Meanwhile, you have no idea this has happened until months later; they strategically plan out the attack to take down the company.

Honestly, I believe the biggest thing you can do as a company, is train your staff and have them educated on what these things are, at least at the simplest level. If you see a weird looking email from LinkedIn, bring it up to somebody to have them take a second peek. Even just talking to even your coworker, saying, ‘Hey, does this look right to you?’ Or bring it up to IT when something doesn’t seem right. Just that would save a lot of money and costs for a company or individual, because they’re getting more sophisticated, they’re doing everything they can to get in. And that’s what their main objective is.”

So, if you’re a business owner, and you’re listening to this, what are some things they really need to do to give them the protection and dramatically reduce the risk from attacks? 

 I think number one honestly isn’t even technology, it’s your staff. Get them up to speed, get them some basic cyber training, get them to point out things they think aren’t right. And really be proactive about this; you have to get together as a group, share stories and experiences. Another tactic is also to do some phishing exercises. Test your staff and see who’s the person who will click on those attacks.

On top of that, there’s the security side and IT side. If you haven’t had a good vulnerability assessment scan, get one done immediately through an independent third party. Audit your IT to make sure that they’re doing what they say they’re doing. Because a lot of IT companies say they can do cybersecurity, but they’re not always as proficient at that, because it’s such a different skill set.”

There’s also cyberinsurance now; but if you’re taking out a cybersecurity insurance policy, you’d better read the fine print to make sure every I is dotted, every T is crossed.

“Absolutely. I have a separate cyber policy, separate from all my other workman’s comp, general business insurance, because those types of companies that try to bundle are the first companies to deny your claim. They’re in the business of making money, not in the business of paying out. And the problem is, it’s such an upside-down world right now they’re paying out millions of dollars every single day. They’re trying to do everything to stay afloat, because if they keep paying then they will be out of business.”

This is the first of a two-part interview series with Steve (Mac) McKeon. The entire interview can be heard on the Centricity page here

For more information about MacguyverTech, go here.