Speaking before a crowd of IT managers, FBI Special Agent Jim Hegarty couldn’t help inserting amusing anecdotes about New York wiseguys and Soviet intelligence agents.
The crowd-pleasing stories, gleaned from years of field work, could have come straight from “The Sopranos” or spy novelist John LeCarre.
But on the main topic of the evening, Hegarty’s message was sobering: “You’re going to be a victim of cyber-crime, it’s going to happen.”
Hegarty, who oversees a team of IT investigators based in Boston, outlined ways to prevent some attacks, or at least, limit the damage they cause. His remarks came at a Boston security forum sponsored by Lighthouse Computer Services.
Most safeguards relate to people and procedure, rather than technology. Three of four cases handled by Hegarty’s team involve insiders — employees passed over for promotion or slighted in some other way, real or perceived, or workers who have been fired or laid off. Given the state of the economy this threat will get worse before it gets better.
Companies must have a system in place when employees are let go, Hegarty said. Log-ins and passwords need to be changed or disabled and the former employee’s permissions to access databases and other sensitive information must be canceled.
“Once you let a person go, you have to look at them as a security liability,” Hegarty said. “That may sound cold but it’s the truth.”
Current employees must also understand the importance of security and their role in protecting it. For example, companies should outline their privacy policy to employees and have guidelines for opening e-mail or visiting sites that may contain viruses.
Telecommuters must be aware of home-use policies. Allowing family members use their computer could lead to trouble. Along the same lines, passwords should expire and require updating after a certain amount of time.
There are technical steps IT managers can take as well. For example, logging network activity is key, without a digital record of the crim, prosecution is case is virtually impossible, Hegarty said.
He also stressed the importance of patching software vulnerabilities. Patches are usually free and easy to install. Not doing so is like leaving a door to the network unlocked. Also, companies evaluating new technology must make security a top priority in the decision whether to implement.
“We are deathly afraid of wireless (Local Area Networks) because people don’t know what they are doing when they set them up,” Hegarty said. “They define success as getting on the Internet.”
Finally, when a company is victimized by hackers, Hegarty stressed the importance of immediate reporting to the FBI.
The agency handles cases involving more than $5,000 in damage, which can include down-time costs, overtime for troubleshooters, or outright theft of intellectual property.
“Do not wait,” Hegarty said. “Waiting is a terrible, terrible thing.”