[ISN] HIGH-TECH SOLUTIONS: Safeguarding your business

From: InfoSec News (alerts@private)
Date: Mon Oct 22 2007 - 00:07:52 PDT


http://www.tonawanda-news.com/business/local_story_292113848.html

By Joe Olenick
The Tonawanda News
October 19, 2007

After 2001, the FBI mandated that all 56 field offices in the country 
create a “cyber squad.” The group of agents would have one job: 
investigating Internet crime.

The Western New York business community was introduced to a couple of 
representatives of the FBI Buffalo Division’s “cyber squad” at the 
seventh annual Western New York Technology Forum, held Thursday at 
Conference Center Niagara Falls. The forum was designed to bring local 
businesses up to speed on innovations in the technology security field.

FBI Special Agent Holly Hubert and FBI Special Agent Joe Ondercin 
explained why people in business need to be aware of Internet crime, the 
problems it causes and, most importantly, what to do it about it. The 
presentation began with how the FBI dealt with the threat.

“We were really behind the eight-ball with regard to cyber matters,” 
Hubert said. “We have an exclusive squad that deals with cyber matters. 
We have a lot of good expertise and hired a lot of good young agents 
with IT (information technology) experience.”

The FBI is concerned with Internet crime because of terrorist recruiting 
and training Web sites, hackers and child pornography. But the bureau is 
also concerned with industrial espionage, viruses and “botnets,” that 
can be devastating to a company.

“A botnet is a huge emerging problem,” Hubert said. “A botnet is an army 
of infected computers. Your computer is controlled by a criminal. They 
can be as large as a hundred thousand computers. Average home user has 
high speed Internet and probably no firewall. They leave the computer on 
all day leaving them highly susceptible. Those infected computers send 
out spam and can be used for other crimes, as well.”

Hubert said the best way for a company to protect itself is to have 
security measures such as firewalls and restricted access. Better hiring 
procedures work too, because 80 percent of Internet crime in a business 
is done by an insider, she said. She added that businesses, themselves, 
are best equipped to fight this. Hubert stressed the importance of 
reporting crimes and providing testimony when the crimes become legal 
cases.

The Web site, infogard.org, was created as a place businesses can find 
information about Internet crimes and report crimes they come across. 
Ondercin advised reporting anything — no matter how small the loss — 
because a number of crimes could be perpetrated by the same person, and 
that could be enough for a conviction.

“So what do we do? We rely on you,” Hubert said. She described the 
Infogard program as a “partnership” between businesses and the FBI. She 
said most businesses won’t report crimes because they are afraid of the 
bad press but pointed out that most of the time, the story gets out 
anyway.

Is cyber crime a problem that Western New York businesses are 
addressing? The FBI, with the University at Buffalo, conducted an 
anonymous survey, to which 110 local businesses responded. The survey 
found 46 percent of the respondents did not have a budget for 
information technology security.

“Imagine trying to run a project with no funding,” Ondercin said. 
“Doesn’t work very well.”

Of companies that did have some kind of security issue, 34 percent did 
not report it. Another 26 percent did not report because they thought 
law enforcement would not be able to help.

“I’m here to tell you,” Ondercin said. “We will help.”

About 50 vendors specializing in homeland security and technology were 
at the forum presented by Niagara County and infoTech Niagara. Among 
them was David Lowry of the New York Power Authority, whose presentation 
instructed businesses on how to manage e-mail. Niagara County Data 
Processing director Larry Helwig said the forum stretched its budget to 
include as many vendors as possible. He said the event was mutually 
beneficial for vendors and the businesses that attended.

“They (the vendors) need to sell stuff, and it’s great for networking,”



__________________________________________________________________      
CSI 2007 is the only conference that delivers a business-focused
overview of enterprise security. It will convene 1,500+ delegates,
80 exhibitors and features 100+ sessions/seminars providing a
roadmap for integrating policies and procedures with new tools
and techniques.  Register now for savings on conference fees   
and/or free exhibits admission. - www.csiannual.com



This archive was generated by hypermail 2.1.3 : Mon Oct 22 2007 - 00:36:15 PDT