LONG BEACH, Calif. — When it comes to cybersecurity, Savoy Wilson says you can never be too careful.
The longtime IT professional and CEO of Click-Pro, Inc. knows all too well what happens when a business doesn’t secure or back up its computer systems.
What You Need To Know
- One local IT professional reported that business owners don't always prioritize protecting their computer networks
- It’s not only small businesses at risk
- Last month, the federal government revealed it was hit in a massive Russian-linked cyberattack
“I’ve seen it happen too many times where somebody, you’ll walk in there in the morning, and nothing works,” Wilson said. “Nothing works, customers are calling, they need things done.”
Wilson has spent 20 years helping Southern California businesses protect their computer networks, which he said owners don’t always prioritize. He added that hackers are always looking for a way in. All it takes is clicking on a wrong email or suspicious link for criminals to gain access to your computer, company’s data, and potentially sensitive information.
“So a doctor’s office has a patient’s information, social security number, their medical history, a lot of times they have credit cards stored on-site,” he said.
It’s not only small businesses at risk. Last month, the federal government revealed it was hit in a massive Russian-linked cyberattack that breached the Treasury and Commerce departments and other federal agencies and companies. U.S. officials are still investigating the extent of the hack in which criminals infected a software system created by the Texas-based company SolarWinds, which is used by thousands of clients — including the U.S. government.
Joshua Belk, an advisory member at L.A. Cyber Lab and former FBI chief security officer, explained that this cyberattack was unique.
“The last couple of years, we’ve been talking about the bad guys evolve, and in this case, SolarWinds demonstrates the ability of malicious actors to create a code that goes through various levels of security and doesn’t get flagged,” Belk said. “That’s the really scary takeaway of it.”
Belk noted that code went undetected for months.
“It sits for a while, and then after that, it starts searching around internally to see if there are different kinds of virtual environments there, or what on-premise different software capabilities they have, and it watches, how is your network responding to the callouts,” he said.
Belk estimates it can cost a company tens of thousands of dollars to investigate and fix a breach like this, and added that we could see similar attacks in the future.
"There is going to be another version of this," he said. "It’s going to evolve. It’s going to take on some other form. It’s probably already baked into some other product that is out there, unbeknownst to us."
Belk said ramping up cybersecurity is the best defense, and President Joe Biden’s $1.9 trillion COVID-19 relief plan is prepared for it. It allocates $9 billion to modernizing computer systems at federal agencies in the wake of the SolarWinds cyberattack. The plan also includes $690 million to boost cybersecurity efforts and $200 million to hire cybersecurity experts.
As for small businesses, Wilson said it’s worth protecting your computer system now to save a lot of headaches later.
"I tell people all the time: You don’t have a business if it’s not backed up and secure."