Cracking the cyber-threat code - Westfair Communications

The scope of the 21^st century business “goes well beyond your building,” said computer forensics and security expert Darren Hayes at a recent Westchester County Association cyber fraud forum at the DoubleTree Tarrytown.

Maryann Goldman and Christopher Stangl, FBI special agents.

Computers, texts and social media have transformed the most local of firms into global operations. “Your business is everywhere, it”™s mobile” said Hayes, Pace University”™s chairman of computer information systems.

Keynote Speaker Christopher Stangl, a supervisory special agent for the FBI, told the audience that the No. 1 threat to New York is its financial infrastructure.

“Hackers often have a network of people on the ground in the U.S. who move money or data out of the U.S. and back into eastern European countries,” Stangl said.

He called the U.S. a “favorite target of many hackers.”

The problem is: “Folks affected by the economy and who can”™t get a good-paying job can make more money writing malware instead of getting a legitimate job.”

Last year in New York, there were 14,609 complaints filed with the Internet Crime Complaint Center, a collaboration of the FBI, National White Collar Crime Center and the Bureau of Justice Assistance.

The number of complaints of crimes related to cyber fraud and stolen identity soared in 2009, up 33 percent from the previous year.

An estimated total dollar loss of $265 million was reported by the complaint center.

The repercussions of being hacked are great, but small businesses can come to a crossroads when enforcing security policy.

“It”™s asking, ”˜How as a business do you balance adequate security restrictions with a company”™s need to be productive and how do you educate employees so they don”™t open up cracks in your wall?”™” asked Erica Martinson, director of risk management services at The Rollins Agency Inc. in Rye Brook.

Stangl recommended business owners continue to assess their vulnerabilities and ensure their systems are up to date. Immediate action is pertinent.

“When intrusion happens and you call us six months later, often IP addresses aren”™t there anymore,” Stangl said. “We need to know immediately or we lose critical time in capturing the threat overseas.”

And with Facebook and LinkedIn all the rage, it”™s important to have set boundaries.

“Your marketing department might be saying, ”˜Yes!”™ and risk-management might be saying, ”˜No way,”™” said Don Garvey, chief information security officer for The Chubb Corp. in Warren, N.J.

Stangl said Facebook is a “great wealth of information,” but can often open a company”™s doors to targeted phishing attacks.

“It”™s a double-edged sword.”

If you know you”™ve been hacked, Stangl recommends the following: “Contact the local police to file a police report. Many creditors will want to see when you file a claim that you filed a police report. Then, contact the creditors and alert them of a possible sign of a fraud. Next, contact the credit reporting agencies to file a report and to put a flag on your account, which gives you free access to your credit report. Then, file a complaint on Ic3.gov.”