Unaware Business Owners, Workers Biggest Factor in Cybersecurity Vulnerability

By GINA G. SCALA | Jun 12, 2019

Ship Bottom — In the simplest of terms, cybersecurity is the practice of protecting sensitive information from being accessed by people with nefarious intent. As a roomful of small-business owners who attended the third annual Hometown Security Initiative program hosted by the Southern Ocean Chamber of Commerce last week can attest, there is nothing simple about cybersecurity.

Of the three things most commonly linked to the harsh reality of what a cyber hacker can do – motivation, means and opportunity – only one can be controlled by individuals and organizations. That one thing, according to Theresa Misuraca, a cyber threat intelligence analyst for the New Jersey Cybersecurity and Communications Integration Cell, is opportunity.

“Cybersecurity is a people problem. You can have all the technology (in the world) in place, but it comes down to people,” she said. “Cybersecurity is everyone’s responsibility.”

Even the most cautious people can get caught off guard by hackers, especially as they become more sophisticated in their threats to cybersecurity, she said. Ransomware, a type of malware designed to deny access to a computer network or data until a ransom is paid, is a multi-million-dollar business in New Jersey, she said.

“Paying the ransom doesn’t guarantee you’ll get access to your files,” Misuraca said during her presentation at the Ship Bottom Firehouse June 5, noting most hackers are motivated by money. Millions of dollars have been paid to hackers around the world from victims of ransomware.

One victim opened an attachment from a vendor her company routinely did business with, thinking it was just another document, according to a short video Misuraca played for the audience.

“Most businesses won’t report it,” Misuraca said of being hacked. “It goes to security and being trustworthy to customers/clients.”

Her best advice: look before clicking on an attachment. Even then, verify an unexpected attachment was sent by a trusted source by calling the email sender. It’s an extra step for individuals already busy at work and home, but it reduces the opportunity a hacker has at stealing sensitive information, Misuraca said.

Other tips for email security include being aware of emails with poor design, grammar or spelling; ensuring an email sender’s name corresponds to the appropriate email address; and never opening spam or using an enclosed “unsubscribe” link as it confirms the email address is active, according to best practices for general cybersecurity issued by the NJCCIC.

It all sounds pretty simple, basic, even, but the truth is more people are falling prey to hackers by not understanding they’re as susceptible as the next person – especially on mobile devices.

“Android operating systems are the most vulnerable. Beware of third-party apps,” Misuraca said. “Don’t let scamware scam you.”

Whatever you do, she said, don’t reuse passwords or be lazy in setting up passwords. One of the most common passwords, still, is password123.

The Hometown Security Initiative program is held annually in partnership with the New Jersey Office of Homeland Security Preparedness, the federal Department of Homeland Security and the Ocean County Prosecutor’s Office. The goal of the initiative, which was established by the U.S. Department of Homeland Security, is to help local businesses better support the safety and security of their communities.

— Gina G. Scala

ggscala@thesandpaper.net

Comments (0)
If you wish to comment, please login.