Cyberattacks are on the rise
A panel of cyber security experts gave the members of the Portland Business Alliance some unusual advice for protecting their businesses against hackers.
"Google yourself," said Mandy Huth, director of information security for Smarsh, a cyber security consulting firm.
"Watch Mr. Robot on the USA Network," said Mark Goldenberg, a security expert with CenturyLink.
"Call the FBI before there's a problem," said Yaqub Prowell, an FBI special agent working with the agency's regional cyber security task force.
Each also explained why advice could help prevent future cyber attacks — something all three panelists agreed are increasing and growing ever more sophisticated.
Huth said most people would probably be shocked about the amount of personal information on them that is easily available online.
"It will blow your mind how much information about you is out there. That should start you thinking about how to safeguard your identity, and the challenges are much bigger for your businesses," said Huth.
Goldenberg said that Mr. Robot, which is about an unstable cyber security expert recruited by a group of anarchist hackers, is very realistic for a TV show. Huth agreed, calling it much more realistic than NCIS.
"It makes me think about what I can do to protect myself from such attacks," said Goldenberg.
"You should have the phone number of the FBI office at your desk. If you alert us about an attack within 72 hours, there's a good chance we can undo a lot of the damage," said Prowell, who then announced his desk phone number to those in attendance.
"Call me," he said.
Prowell also advised the business leaders at the Nov. 15 breakfast to completely understand where their company's most important information is stored and how it is secured.
"The cloud is not in the sky. The cloud is a marketing term. It's your data on someone else's machine in another building. You need to understand that," said Prowell.
The experts also agreed that most attacks are similar to those that generate the biggest headlines, like the breach at the Equifax credit bureau that exposed personal
information on half of all Americans and
at the Democratic National Committee, that is contributed to Hillary Clinton's defeat
by Donald Trump in the 2016 Presidential election.
"It starts with emails from bad guys disguised to look like real emails your employees should answer. But if they do, malware gets into your computer system and steals your data, which is then monetized and sold," said Prowell, who explained that each step of the process might be handled by a different person or group.
Saying that employees are the weakest link in a company's security system, Prowell urged repeated training on how to spot and avoid falling for the tricks hackers use, like disguised emails. But Huth also said it is important to create a corporate culture where an employee who may have been tricked is willing to immediately report it.
"It's OK to fail. No one can be 100 percent secure. The sooner you learn something has happened, the sooner you can isolate the computers and limit the damage," said Prowell.
Goldenberg said that because cyber attacks are becoming so widespread, Congress is considering radical changes to help people better protect their identifies. Ideas under discussion include dropping Social Security numbers as a primary form of identification because they cannot be changed.
"In the future, your identification number may be more like a password that can be changed," said Goldenberg.
The panel was moderated by Kerry Tymchuk, the executive director of the Oregon Historical Society. Near the end of the discussion, he asked Prowell a question that a lot of those at the downtown Sentinel Hotel wanted to have answered.
"What can you tell us about Mueller's investigation?" Tymchuk asked about the ongoing special counsel investigation into Russian meddling in the 2016 election.
"Absolutely nothing," Prowell replied a straight face.
Jim Mark, the PBA chair who opened and closed the presentation, joked about the warnings from the panelists when it was over.
"I was paranoid when I woke up this morning and I'm more paranoid now," said Mark, CEO of Melvin Mark Companies.