Nearly every business operating today relies on technology, from email to websites to accounting systems. These tools help us move fast — but they also open the digital doors to a new breed of bad guys called cyber criminals. And they’re not just going after billion-dollar mega-corporations, according to Kevin Wade, president and CEO of Intellisystems.
“A lot of small and medium companies figure they’re not on the radar in terms of cybercriminals, but the fact is you’re just another IP address on the internet,” said Wade, whose company provides support for a variety of business technologies, including IT, telephone service and systems, infrastructure-type systems such as cable and Wi-Fi, and cybersecurity.
“If you have something they can hit on, which is usually money, then you’re vulnerable,” he continued. “That’s the thing I want to stress: They’re not trying to get to your computers. They’re trying to get your money. This happens right here in the Midlands. Five- to even one-person companies, mom-and-pops as we call them, on up through companies with thousands and thousands of employees - and everything in between - are vulnerable.”
Ransomware is just one of the serious digital risks Intellisystems works to combat. “A criminal finds a way to get into your system, such as a social trick where they get someone to click on something in an email, and then they’re able to get in and get a hook inside somebody’s computer,” Wade explains. “It doesn’t always happen immediately. It could fester for months before they implement the process that takes over the systems.”
Wade said the first line of defense against ransomware is preventing it. “We incorporate a large number of cyber tools that try to keep employees and end-users of your company from going to the wrong place. We also incorporate ongoing cyber awareness training. We show you what these things look like and what they’re going to ask you to do, so it raises awareness. For instance, we can push out fake emails just to see who clicks and maybe recommend some additional training to them.”
Wade said the company incorporates highly skilled technical engineers and software tools that can keep users from going to bad websites, and to monitor network traffic or email traffic to watch for signs of ransomware.
“And if for some reason we’re not able to prevent it, the best thing is to have a good backup where we can go back five minutes ago, an hour ago, or two days ago to the point where we had some known good information and we can put it back like it never happened,” Wade said.
Email hijacking is another type of cybercrime that’s becoming a difficult problem for a lot of companies, Wade said. “A lot of people think it’s just the luck of the draw if you get hit. Well, no, this is a job for criminals. This is a financial endeavor for them. They research who’s at these companies, and they figure out what their email addresses might be. Once the criminal gets into one of companies’ employee email addresses, they can send and receive emails just like the employee. The employee never knows it’s happening. The criminal can send instructions to transfer money or ACH funds to somewhere they’re not supposed to go.
“For instance, we have a client where someone registered a domain name with their name but with an extra ‘s’ so it looked like their web address. The criminals even had a couple of email addresses they could use. They used the fake domain name to email a contractor our client was using to build out a building. The project had been publicized so the criminal knew what company was moving into the building, what company was building it, and what company was financing it. That’s one method, and to be honest with you, nobody did anything wrong here as far as the end consumers. The criminals were just very good at looking at circumstances and situations and understanding who’s the buyer, the customer, and the bank.”
Real estate transactions are the biggest opportunity right now for email hijacking, Wade said. “Say you’re the buyer of a new house and you need to make a downpayment. If the closing attorney’s email is compromised in the process, the attorney has no idea this has happened, but the criminals are able to send and receive emails now just as if they’re employees of the company. The criminals will watch and see what transactions go through. When they see the opportunity for the downpayment, they send the buyer wiring instructions on where to send the money, and it goes to the criminals. You really get into a complex maze of liability here, and it gets very complicated to sort out. Often, a substantial amount of money is lost.
“Intellisystems provides a great deal of expertise, as well as the ability to try to keep this from happening. We use tools to watch the creation and movement of new files and folders, so we can monitor for when something like this occurs, and we can stop it. And if it does happen, we can remediate it.”
Intellisystems has been staying a step ahead of cyber criminals in an ever-changing technical market for more than 30 years, Wade said. “We’ve been at this a long time. When we started out, it was pretty simple: You loaded an antivirus program on your computer, and it mostly kept you safe. Then in the 2000s, we started getting what we call ‘zero-day vulnerabilities,’ where a virus comes out that nobody’s seen before. So for a couple of days, you were vulnerable until the antivirus program had a download that updated it. These days it’s more active. You can put antivirus software on a computer, you can have a firewall on your network, but a firewall these days is kind of like having a screen door on the interstate. Somebody who wants to get in just has to punch their fist through it – figuratively speaking.”
Wade says Intellisystems also often performs assessments for companies that are satisfied with their current IT provider. “We’ve often worked out arrangements where we come in and check everything out, make sure everything is like it should be. Then we can recommend things to your current provider, or if you want us to do it, we can certainly do that as well. We also can do some a la carte pieces. If you like the people you’re using for IT support but would like to have a little better feeling about the cybersecurity processes and procedures in your business, we can layer our support services on top of what your IT provider is doing. You can’t be too safe, and a second opinion is always a good thing.”
IntelliSystems has the certified, experienced people; hardened processes; advanced cyber tools; plus proven policies and procedures to keep businesses from getting hacked.
Learn more about us at www.IntelliSystems.com.
You must be logged in to post a comment.