Hilbert College played host to a forum on online security in the workplace. While the event was planned weeks in advance, recent global attacks on networks - including one against Erie County Medical Center last month - made Wednesday morning's forum more timely.
Numerous systems worldwide, including the British health system, were affected last Friday by a wide-ranging cyberattack using "ransomware," which blocks access to key files and demands a ransom be paid in order to unlock those files. Last month ECMC's network was hit, temporarily denying access to patient information and forcing doctors to use laptops to keep information until the network was restored.
AT&T estimates there are more than 117,000 cyberattacks on businesses every day. Whether the attacks succeed depends on the abilities of protective software and the actions of employees.
"One of the biggest ways things come to you is via an email," said Allan Griffin, senior security specialist with AT&T. "They've gotten very creative. They offer coupons. They offer you discounts. If an email looks suspicious, don't click on it."
Griffin's company was one of several participating in the cybersafety forum at Hilbert College. The Better Business Bureau of Upstate New York also took part, explaining some of the options available to small and medium business owners.
Attacks against smaller businesses are especially devastating, said president and CEO Warren Clark. Between state and federal fines, and having to reimburse affected customers, the expense of being hacked sometimes forever destroys a business.
"One out of four businesses that get breached will not survive six months," Clark said.
As a former small business owner, Clark appreciates the challenge of staying within financial means while ensuring data is protected. Insurance is one idea to consider. Clark says there are numerous resources that can help owners who have questions about their security.
"The service providers of your web and data are the first line to check," he said. "If you wanted to have someone check for you, there's law enforcement.
"The truth is the FBI, Secret Service, Homeland Security and actually charged with going out into the community now and trying to help people proactively."
Griffin says there's some good news for American-based networks. While some attacks on U.S. companies prove successful, domestic networks have additional patches and upgrading policies that, according to Griffin, offer better protection than on networks in Europe and Asia.
The first line of defense, though, remains the user. Griffin says hackers are getting more sophisticated, often times replicating legitimate websites right down to the logos and fonts. Users, meanwhile, need to improve their savvy to recognize bad links.
"It's very easy to create a site that looks like a (legitimate) site but then it tricks you into giving out personal information," Griffin said.
The U.S. Attorney's Office and the security firm ASIS also participated in Wednesday's forum.
