A cybersecurity expert is urging businesses to be proactive in guarding their data and take online threats seriously.
“If you don’t have an [incident response] retainer, you sure should,” Ghostscale founding partner DJ Vogel said Friday during the Cybersecurity Summit in Milwaukee. “When you’ve got a ransomware screen with a little Jolly Roger that pops up on your screen, right, that’s the last time that you want to start making calls and negotiating hourly rates.”
Ghostscale is a cybersecurity consultancy in Madison created by Vogel and other partners, including Tina Chang, CEO of SysLogic. SysLogic, a Brookfield-based IT firm, hosted this year’s summit at the Milwaukee School of Engineering, where Vogel addressed a crowd of tech industry professionals, faculty, students and others.
He shared insights on how companies and other organizations should respond when targeted by hackers, who he said are often underestimated by in-house IT staff. He said that, unlike most cybersecurity firms contracted on an hourly basis, cybercriminals typically aren’t so limited in time and resources.
“Attackers don’t have that hourly rate, they can continue to dig and dig and dig … They’re bright. They’re going to overcome those constraints that we otherwise have when we do our security testing,” he said.
Data breaches are on the rise in the United States, according to a report from the Identity Theft Resource Center, with ransomware-related attacks making up an increasing number of those cases. The report shows the manufacturing and utilities sector saw a substantial increase in data compromises between 2020 and 2021.
In the case of a cyberattack, companies should immediately take action, Vogel said. He outlined a number of early steps, including isolating and protecting backup data, shutting down critical servers, disabling administrator accounts and making new ones for those fighting the breach, tracking possible indicators of compromise, and avoiding direct contact with the hacker.
“Best advice here, play dumb,” he said. “Ignore them until you have professional help.”
While hackers will often ask their targets to pay a ransom to get their data back, Vogel warned that won’t necessarily solve the problem. For one, there’s no guarantee the attacker will hold up their end of the agreement. And even if the ransom is paid and the data returned, Vogel noted businesses can be fined by the federal Office of Foreign Assets Control for doing so.
“Why? Because we’re perpetuating the ecosystem,” he said.
Vogel also highlighted the benefits of conducting tabletop exercises ahead of time to prepare for a potential cyberattack, noting those could range from detailed discussions to an actual simulated attack to test defenses. He also suggested creating response plans, including setting possible ransom thresholds for worst-case scenarios.
–By Alex Moe