WMUR Reports - Small businesses not immune from cyberattacks, local security experts warn

WMUR Interviews Jeff Stutzman of Wapack Labs on Cyber Threat Solutions
Security experts are advising that small businesses prepare for the threats they face from hackers and malware before it’s too late.

In May, the WannaCry hack paralyzed tens of thousands of computers that run hospital networks, public transportation and scores of other companies and government agencies worldwide. It made ransomware a household word.

“Most small businesses would have no way to protect themselves against this,” Wapack Labs COO Jeffery Stutzman said.

Stutzman contradicted the U.S. government by advising some to pay the ransom demanded by the hackers.

“If you need the ransom, we've gone out and we've bought bitcoins to pay ransoms for others. We paid one a month and a half ago. It was $30,000,” Stutzman said.

According to Stutzman, unless a business took preventative steps, such as backing-up hard drives and running anti-virus software constantly, paying ransom may be the only option. Hackers will typically make good on the ransom so they can get paid the next time.

“These guys want to know that they're going to get paid. They have help desks and technical services,” Stutzman said.

At Wapack Labs in New Boston, cyber analysts comb Twitter, Facebook and the dark web -- which is home to all things nefarious online, including human organs, guns and drugs for sale -- to identify threats and then notify the targets. They often do it free of charge.

“We mainly focus on software, malware and security hosting and carding -- anything to do with fraud or a digital threat,” Stutzman said.

Pedro Sanchez, who used to be a mechanic in the U.S. Marine Corps, is one of Stutzman’s employees. Stutzman, who is a retired naval intelligence officer, believes many military veterans are perfect for this work.

“They know what a threat looks like. They have work ethic. They come to work prepared and enthusiastic every single day,” Stutzman said.

Sen. Jeanne Shaheen, too, is focused on the threat of cyberattacks.

“I think all business today is at risk for a cyberattack. In the last month or so, we've seen two ransomware attacks. The most recent originated in Ukraine,” Shaheen said.

Shaheen said determining government's role in blocking cyber threats is a work in progress.

“I think the government has a responsibility to update our policies so we know how to go after perpetrators but we also need to help small business to respond,” Shaheen said.

Stutzman said small businesses can and should take cyber precautions.

“My advice always is, 'Come to us.' We put up a thing on our webpage that says, ‘For free. We'll tell you how to take care of this,'" Stutzman said.