Ways you, small businesses can guard against online attacks

Cyber, wire fraud subjects of bank forum

Damian Dovarganes / AP

City National Bank sponsored an event to discuss the evolving threat of cyber and wire fraud on Thursday.

Your smart refrigerator can stop you from accessing your bank account in the age of the “Internet of Things.”

The evolving threat of such cyber and wire fraud drew a crowd of dozens wanting more information on how to protect themselves and their businesses to an event sponsored by City National Bank at the Innevation Center on Thursday.

Bank executives discussed complex ideas such as denial-of-service attacks — methods for turning internet-connected items like your fridge into agents of fraud — and Cryptolockers — a type of malware that requires victims to pay a ransom to the virus handlers to decrypt files. They also offered practical solutions for protecting yourself from a threat that costs businesses around the world $115 billion each year.

“It doesn’t take a lot of logic to make sure you can actually impact having these bad actions occur,” said Greg Cunningham, senior vice president of digital channels for City National.

The simplest solutions involve denying access to information, such as not posting vacation pictures or announcing upcoming vacations on social media. Another suggestion is dedicating a single low-limit credit card for online purchases, limiting the amount of damage that can be done if the card is compromised.

Online businesses such as Amazon and Netflix also serve as a treasure trove of usable information for fraud. Hackers can learn personal information and buying habits, then later use those details to craft a personalized phishing email intended to induce recipients to send money.

“We can only protect you as much as you protect yourself,” said Paul Stowell, chief market strategist and senior vice president for City National.

Small- and medium-size businesses accounted for 60 percent of cyber attacks in 2014. Executives detailed some methods for safeguarding them:

• Using positive pay, a method by which businesses advise banks of check information and those authorized to debit in advance.

• Enacting continuing education for all employees, not just those directly responsible for security.

• Enlisting a third-party company to audit the security of a company’s networks, including mobile devices. This can include identifying the “crown jewels” of a company’s information and who has access to it.

• Reconciling accounts and updating vendor information on a regular basis.

• Obtaining cyber-fraud liability insurance.

• Creating a crisis-response plan to inform customers of a breach and to shut down the outflow of data as quickly as possible.

Executives said most data breaches occur through human error such as clicking on the wrong link or unintentionally uploading something to a company’s network.

Tags: News , All , Aggregate
Business

Share