Cybersecurity Focus of NC PREP Meeting – | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

RIDGWAY – A local cybersecurity expert discussed how businesses can protect themselves from cyber-attacks on Wednesday through the North Central Pennsylvania Regional Planning and Development Commission’s Partnership for Regional Economic Performance (PREP) program.

Nate Rogers of Omnis Technologies, located in Lewis Run, presented facts and figures on the occurrence of such attacks, which are designed to trick companies and employees into giving them access to their files, locking them and then requesting money as a ransom to get their information back.

Ransomware is the practice of using malicious software to gain access to a company’s information. Rogers said these types of attacks occur every 14 seconds and the average ransom is $4.5 million.

The average downtime companies experience is 22 days. He also said that there are no guarantees companies will get their data back upon paying the ransom.

He said hackers will use social engineering to manipulate people, eavesdropping, postal service mail and even tailgating a car to discern information that could lead them to such sensitive information as passwords.

Phishing e-mails and text messages are also utilized where a hacker poses as a company to secure sensitive information to gain access to accounts.

Rogers said there are an average of 3.4 billion phishing e-mails sent daily and can come from hackers posing as trusted sources.

To guard against such attacks, Rogers said companies should ask themselves if the e-mail is coming from a person they know and does it have a recognizable domain name.

He said ways to check for such scams are to look at the fonts and grammar usage in e-mails. He said to never click any links in such suspicious e-mails.

Rogers also discussed how text messages use the same practices and 2.3 million such fraudulent messages are sent daily.

The encryption process of data, Rogers said, begins in as little as three seconds and uses an impossible key, a chain of letters, numbers and symbols, to prevent the company from regaining access to the information. He said it usually leads to a 100 percent loss of information.

Rogers said that ransom payments averaged $5.3 million per year and increased by 37 percent over last year.

He said best practices for companies to protect themselves is to access exposure, such as blocking suspicious e-mails, blocking malicious Web sites and checking computer software vulnerabilities.

Among the risks are data loss, which is designed to destroy a company’s back-up data, and 14 percent of companies are able to recover data without paying the ransom. However, 19 percent of companies who paid the ransom were unable to recover lost data.

Reputational harm can also occur to employees and companies and could have lasting effects such as gaining new employees and clients. In addition, there is also legal liability.

He said the best way for companies to combat such attacks is to build a response team that meets regularly and discusses best practices, including drills for such attacks.

Rogers said using firewalls, such as routers, and onsite and off-site computer back-ups and switches and servers and a set of policies for handling such incidents are excellent starting points. Also, in the midst of an attack turning off internet access is a great way to halt and attack.

Among the best practices for companies to use, Rogers said, it to implement continued training for employees to recognize spam email and text attacks, along with holding webinars, and using cybersecurity programs such as KnowBe4 and Webroot antivirus programs.

The PREP program is Pennsylvania’s network of business assistance partners and is designed to help companies start, grow and prosper.

To learn more about NC PREP, visit or contact Mikala Biondi at 814-773-3162, ext. 3046.

Alternative Spring Break Trip to Puerto Rico Allows Students to Serve and Learn
Domestic Relations Office Issues Warrant List


Click Here For The Original Source.

National Cyber Security