Cyber-threats can live anywhere


By Neil Amato

McGladrey security expert Daimon Geopfert writes in his bio, “I am not an auditor, but I play one on your networks.” In a recent presentation at the AICPA’s Global Manufacturing Conference, Geopfert showed how easy it can be to break into a corporate entity’s computer system.

While a five-minute video of his recorded hacking example played on the screen, Geopfert explained the code particulars and asked the conference attendees, “Did you think it would be harder?”

Yes, it should be more difficult. It should have auditors concerned. That was the goal of the presentation, or at least the first part. The rest provided a few strategies for attendees to get a better handle on their cybersecurity.

Here are two other notable takeaways from his presentation:

Automation is helping your business, but it’s also helping hackers. The growth of malicious software designed to damage, disable or take over individual devices or entire systems is growing exponentially. Geopfert cited an annual Symantec report about malware generation. In 2004, about 75,000 unique pieces of malware were identified. By 2009, that number was 2.9 million. By 2011: 403 million. Here’s the 2013 version of Symantec’s report, which offers breakdowns by country on numerous cyberstats.

Geopfert said strong antivirus protection will block about 80% of all malware. “That 20% that can still get you – that’s an uncomfortably large number,” he said. Geopfert recommends using several types of antivirus protection – say, one for servers and another for individual computers – to diversify defenses against malware. 

Looking but not touching can still be bad. One lesson we’ve heard before is not to click on questionable links or to visit sketchy websites. But Geopfert said malware can live anywhere, citing the example of a recent McGladrey client. A municipal government employee with an interest in arts and crafts visited an online forum for needlepoint during lunch one day.

Within that site lived malicious code. “All she did was look at the website; she didn’t download anything,” Geopfert said. “One piece of software she was running, Java, was behind on patches.”

The attacker was able to access the computer, zoom around in the municipality’s system and, eventually, steal $1.5 million. The client was able to reverse most of the transactions and get most of the money back but had to spend time and insurance deductibles to do so.