McHENRY — One in five small businesses falls victim to cybercrime each year. This was just one of many alarming statistics presented during the Garrett County Chamber of Commerce’s Business Before Hours event Tuesday morning at Wisp Resort.
“Small and mid-sized businesses are low-hanging fruit [for hackers] because they don’t believe they are a target, and therefore have very loose or no security systems and protocols in place,” cybersecurity expert Leia T. Shilobod told chamber members during her hour-long presentation. “Cyber actors look for the weakest link in the supply chain.”
Known as the “IT Princess of Power,” Shilobod is CEO of Power InTech Solutions and the author of “Cyber Warfare: Protecting Your Business From Total Annihilation” and “The Three Indisputable Rules Every Manufacturer Must Know Before Purchasing Any IT Product or Service.”
She believes there are two kinds of people: those about to be hacked and those about to be hacked again.
“It’s as simple as that, either you’ve already been hacked (and maybe don’t even know it because most firms do not have the capability to detect breaches, data theft, etc.) or you are actively being attacked by your competitors, criminals and foreign governments,” Shilobod said.
Last year, the FBI notified 3,000 U.S. companies ranging from small banks, major defense contractors and leading retailers that they had been victims of cyber intrusion, meaning before they actually experienced an attack.
“Typically, it’s about 18 months between the time an organization is compromised and the time the compromise is discovered,” Shilobod noted.
One-third of all fraud now targets mobile devices, and global attacks are up 24 percent, she pointed out.
About 68 percent of professions share their passwords across personal and work accounts via their mobile device. In addition, a recent survey found that half of the respondents had no password, personal identity number of biometric security of any kind on their cellphones.
She suggested creating a complex, 15- to 25-character password for each account or login.
“Hackers love to prey on human nature,” Shilobod said about using predictable codes.
She noted cyber thieves don’t sit around just guessing passwords. They use sophisticated algorithms that can easily and quickly recognize patterns and concepts.
“The burden of cybersecurity is on us,” Shilobod said about not relying on institutions, companies and others to protect oneself from hackers.
She recommended using a separate device, such as a Chromebook, to do online banking and only online banking.
“That’s really going to decrease the possibility of you being compromised,” Shilobod said, noting that malware is written for the device and the operating system that it’s trying to compromise.
The top cybersecurity trends to be aware of in 2019, she said, include the following:
• Android operating systems being exploited
• iOS malware proliferation
• IoT, or the internet of things, platform hacks
• Small- and medium-sized businesses becoming a bigger target
• Spearhead phishing for information and wire transfers
• Better social engineering
• Exploit kits dominating the web
“When you feel that you have successfully secured your organization, you become complacent,” Shilobod said. “As soon as you become complacent, you’re not looking for the gaps and the holes, and that is when you end up being breached.”
She suggested the following for a “basic circle of protection”:
• Written security policies for employees to follow
• Extensive employee training
• Cyber liability insurance
Her recommendations for advanced security products include dark web monitoring, password vaults and Next-Generation Antivirus.
The Garrett County Chamber of Commerce’s next Business Before Hours is scheduled 8 a.m. May 21 at Wisp Resort. Sen. George Edwards and Del. Wendell Beitzel will provide an overview of the 2019 Maryland General Assembly session.