Sue Downes, who lives in Garrison, is a longtime computer security consultant currently employed by McAfee as a customer success manager.
Last month Chris Inglis was sworn in as the nation’s first national cyber director. What will be his biggest challenges?
With the government, there are so many agencies that have to work together. It can happen, but I’ve been working for cybersecurity vendors for a very long time and it’s a monster, what’s going on now with ransomware [in which hackers demand payment to release control of a system]. The last big one shut down the Colonial Pipeline, which crippled fuel supplies for 50 million Americans. It’s a business model [for criminals]; it’s not kids in their basement hacking.
How do most ransomware attacks occur?
Through “spear-phishing,” which is when you get an email with a friend’s name on it and it says something like, “Thought you would enjoy this,” with a link. If you click on the link, it will take you to a website that will download malware that will give the hackers access to your hard drive. They’ll come back and say, “We have your information, you can’t get it right now and this is what you have to pay.” There was a time when it happened a lot to regular users, but the bigger targets now are companies and their employees. I never click on links in my emails. If it’s not clearly fake, I’ll call my friends and say, “Did you send this to me? What is it?”
Are people more lackadaisical with smartphone security?
I think so. I have friends call me all the time with things they did by mistake. “I clicked this, they told me to like something and now my phone doesn’t work.” Never click on a link in a text from someone you don’t know! That’s my mantra: Do. Not. Click.
What’s the biggest mistake companies make in regard to cybersecurity?
Not keeping up with the Windows updates, the security updates. There are a lot of companies that have outdated operating systems, and some of the breaches are because of vulnerabilities in those old systems. One of the reasons they don’t get updated is because companies are short-staffed right now.
What about the rest of us?
On Facebook, you will see posts asking people who their first boyfriend was, or their favorite teacher. And people respond! I see thousands of comments. I think, “What are you doing?” The hackers are harvesting personal information so they can access your accounts. It’s usually things that are answers to the three to five security questions you have to pick when you set up an account. I keep a low social media profile. The more information you have out there, the worse it is for you.