weather icon Partly Cloudy

Expert: You’ve been hacked and you probably don’t even know it

There is no such thing as a computer network that has not been hacked or compromised, a leading expert said on Nevada Newsmakers.

“The experts today say there are only two types of computer networks,” said Ira Victor, digital forensic analyst for DiscoveryTechnician.com. “Those are networks that have been compromised and the owners of those networks know where they have been compromised, how far and what data; and networks that have been compromised and the owners don’t know where the compromises are and how far they have gone in and what data.

“We are at that point and with the experts, that is pretty much the consensus on that opinion,” Victor said Monday. “All networks are compromised and it’s just how much you know about it and how much you don’t.”

Businesses and other entities with computer networks may not be aware of the hack but can still be compromised, Victor added.

“They do other types of techniques that are exploiting the networks but they keep a low profile so that the people that are running the business or working the business have no idea,” he said.

Firewalls and other computer security services are not security blankets for computer systems, Victor said.

“So anti-virus (programs) and firewalls, you want to have them but they only offer very minimal protection,” he said. “They do not keep the bad guys out of your network.”

Victor, who has testified about cybersecurity at the Nevada Legislature, said the state of Nevada (and many businesses) can’t afford to secure every bit of information in their systems. So those entities should concentrate on what is the most important data that needs protection.

“The first thing I would suggest for the state (of Nevada) is that the state needs to have an inventory of what information they have and rank it in terms of the most valuable information and start concentrating their resources on protecting the most valuable information,” Victor said. “Guess what? That is a recommendation I have for all businesses and all organizations.

“If the bad guys are in your network — and they are — and if they are there persistently — and many times they are — then it is often not cost-effective to protect everything, every little shred of information and every single communication in your network. So we need to rank them and say, ‘What is our most valuable asset? What are our crown jewels? And then, concentrate our resources on protecting our most valuable assets.”

Business and government don’t earmark a lot of money toward cybersecurity, Victor said.

“We’re not going to get a lot of money for information security,” he said. “Let’s just be realistic about this. It is the same as in business. So you’ve got to concentrate your energy on the crown jewels — the most valuable information — and acknowledge that is what you are going to do.”

Security, risks

“Information Technology,” or IT, is not the same as information security, Victor said.

Culturally, the people in IT are taught to deliver services on time and on budget.

“The cyber criminals are breaking into networks with such frequency and such ease that they don’t always exploit that network right away,” Victor said. “So if we have less than $10,000 to spend, we figure out a way … so we’ve got to ‘stand up’ those systems, as we like to say, and deploy them and do the best we can with the $10,000 we have over the next three years. That is the culture of IT.

“In information security, we look at risk, our culture is about risk,” he said. “What is the data we have? What are the risks? How do we mitigate those risks?

“And then we go to our decision-makers and say, ‘Here are the risks. Here are the liabilities. If you want (to) protect that data, here are the steps that need to be taken.’”

When government agencies or businesses try to protect all their cyber information, that is a good thing for the “bad guys,” Victor said.

“There is a laundry list of valuable information that organizations have,” Victor said. “And they are not doing enough to protect it. Now some of it has to do with economics. It’s expensive. That is why we’ve got to concentrate our efforts and say, ‘Hey, these are our most valuable information assets and we’re going to protect them and really do a strong effort to do so. And we are not going to stop the cyber criminals until we do that. I mean, bad guys are having a field day because we’re saying, ‘Well, all of our information is valuable, and then none of it gets well protected, or not enough of it gets well protected.”

Ray Hagar is a journalist for the “Nevada Newsmakers.” More information on the public affairs broadcast program, podcast and website is available nevadanewsmakers.com

Don't miss the big stories. Like us on Facebook.
Two transported after collision at Hwy 160, 372

Two people were transported to Desert View Hospital following a two vehicle collision at the intersection of Highways 160 and 372 at approximately 1 p.m., on Thursday June 17.

Hit and run crash leads to power outage

A hit and run crash led to a power outage on Wednesday, according to authorities..

Cooling stations open in Pahrump

As triple-digit temperatures are expected to extend into next week and beyond in Pahrump, there are some area residents whose homes are not adequately adapted to handle the heat.

Social services fair deemed a success in Nye

The Nye County Social Services Fair attracted more than 200 families and individuals seeking information on the various services provided by the county and other area entities.

Nye County to receive additional $9 million in federal COVID monies

One year after the announcement that Nye County would be receiving $8.5 million in federal dollars thanks to the passage of the Coronavirus Aid, Relief and Economic Security, or CARES, Act, a second round of federal monies is making its way to local governments and the county is expecting to receive another COVID-19 windfall, this time for over $9 million.

Zambelli prepping for Pahrump’s Fourth of July Fireworks Show

Last year, the COVID-19 pandemic derailed the traditional town of Pahrump Fourth of July Fireworks Show, forcing town officials to restrict access to the park and require that attendees stay in their vehicles to watch the fantastic display, much to the chagrin of the general public. This year, however, things are returning to normal and the entire community will have the opportunity to head out to Petrack Park on Independence Day and relax in the grassy fields for what Zambelli Fireworks crews are promising will be an incredible pyrotechnic experience.

Natural Vibes fundraiser to benefit Clean Up Pahrump

Natural Vibes Wellness and Nutrition Center is continuing in its mission to give back to the local community, with another fundraiser set for this coming Saturday and this time, the beneficiary will be Clean Up Pahrump, a nonprofit organization with the goal of dedicating time each week to picking up trash and removing debris from the valley’s roadways and stretches of unoccupied land.