RALEIGH – Should you and your business take the threat of a cyberattack from Iran seriously as tensions build in the Middle East? Yes, says the CEO of Raleigh-based Aver, a company focusing on data security and document verification using cutting-edge artificial intelligence, blockchain, biometrics and facial recognition.
Stephen Hyduchak, who at one time worked for PRA Health Services in Raleigh, helped launch Aver earlier this year.
In an exclusive Q&A with WRAL TechWire, Hyduchak warns that executives should not underestimate either the threat or the capabilities of Iranians when it comes to data security.
- Why should North Carolina/Triangle firms be concerned about a threat from Iran?
Since the Triangle is a hub for financial services and large groups of people, firms should be on the lookout for suspicious activity from Iranian customers and foreign IP addresses in “high risk” countries.
- What immediate response/steps should firms take if they suspect an attack?
Always evaluate and respond accordingly. Paranoia and fear can cause something to look suspicious. Report to your supervisors and let the whole organization evaluate next steps.
- What are the signs an attack could be underway?
Companies that handle customer onboarding like banks, gaming platforms and cryptocurrency exchanges should be on high alert.
Our financial system is a way to move funds that fund terrorist activity. Seeing new activity from IP addresses in Russia, Syria and Iran that is abnormal from your customer flow should cause concern.
- How does a state-sponsored attack differ from rogue hackers or non-state attackers?
The state-sponsored attacks will make their presence known. Rogue attackers look for vulnerabilities in website builds and loopholes to take over and then hold ransom for that business to get access back.
- Iran is not new to this strategy of attack – how good are the Iranians compared to Russians and Chinese whom we hear about the most?
The Russians and Chinese are supporting Iran in military efforts, so we have to assume the same for high tech attacks.
Making sure your encryption, passwords and 2-Factor authentication are up to date for personnel with decision privileges is crucial.
- Is an attack likely to be ransomware, denial of service or what?
Likely to be a combination of many things. Our experience has seen rogue Russian actors taking over customer websites and then holding access until Bitcoin has been received. This can cost a lot of money and cause havoc for businesses.
- How is your own company prepared?
We are updating our watchlists for all customers, as part of our protocol. Our Politically Exposed Persons (PEP) and Specially Designated Nationals (SDNs) lists are fed directly from the U.S. government. We make sure our customers get the best background checking for their new and old customers. We recommend that Know-Your-Customer (KYC) be in place, using the newest tech, for any firm.