Long before it was being called cybersecurity, David Kramer was protecting people and businesses against hackers.
“I have been doing cybersecurity before it was even considered cool to do cybersecurity,” said Kramer, owner and president of Domain Technology Group Inc. in Wyomissing. “… It was just called computer security, and the hackers were guys that were considered computer wizards.
“Now, these are well-funded organizations, organized crime doing the computer infection. The players are trained and often groups from countries like Russia, China and Syria.”
Kramer, who started his cybersecurity and information technology-managed services business in 1989, dedicates some of his time to training others on cybersecurity.
He said he does various public speaking engagements throughout the year and has written articles on the topic. One of his upcoming seminars will be in conjunction with members of the FBI, who will discuss tactics used by cybercriminals.
“In cybersecurity, the rewards are high and the risks are low,” Kramer said. “The FBI will tell you that there are just too many hackers to go after all of them.”
SMALL-TIMERS AVOID PROSECUTION
Government officials will go after the big money scammers before investigating the small-time hackers.
Kramer said international cybercriminals have a better chance to escape before U.S. authorities can go after them while domestic hackers “end up with a slap on the wrist” and don’t get chased down as much because of the volume of hacker activity.
“A high school dropout can go online and purchase a hacking kit for $75. It is just too easy,” Kramer said.
WORK IN WASHINGTON
Domain Technology is a spinoff of Integrity Data, which was a network infrastructure business that Kramer formed with a business partner in Exeter Township, he said.
“That company was started in 1988, and I bought out my business partner and became Domain Technology,” Kramer said.
Kramer said his firm works with clients throughout eastern Pennsylvania as well as out-of-state.
“We are right now working with a company that provides software for the House of Representatives. So we are doing some work in Washington, D.C.,” he said.
Kramer said cybersecurity makes up at least half of his business, which also offers IT support and network services for mostly small and mid-sized businesses. He said that his team uses tools for network system audits and can do advanced assessments.
The tools or software detect when outsiders are trying to infiltrate the network. For example, it is common to find a perpetrator trying a large number of user names and passwords to get into a system.
A recent scam that Domain Technology was hired to probe involves a fake email being sent to a chief financial officer, purportedly from the company’s CEO, requesting that money be transferred to a specific account. In this scenario, the transfer must be stopped in a timely manner before the money goes into that clandestine account.
“We are getting better at protection, finding encrypted files,” Kramer said. “… We have been doing this for decades,” Kramer said.
BE CAREFUL WITH LOG-ON INFO
Larry Goncea, a cybersecurity consultant at Domain Technology, said he has been with the business for 19 years.
Today, “most attacks have large financial motivation or are sponsored by national groups,” Goncea said. “People are going for the low-hanging fruit and finding it easier to trick someone into revealing his or her password and user name.”
He said in the past, a hacker would sit at the computer and make countless attempts to invade someone’s computer, but everything today is automated. The bad guys have a system that is set to automatically run through passwords and user names to log into a network.
“We are improving our safety measures, but we are not at point where [as a whole] we can secure the entire environment,” he said. “There is always a new way for people to find to attack you.”
MUST DO SOMETHING
According to Kramer, cyberthieves who use ransomware to garble your computer screen and take data hostage want a ransom, and that money can be paid by phoning a call center that the hacker set up in order to take payments.
He said he will fight to enhance cybersecurity and continue to train others.
It is too risky to do nothing to protect yourself against savvy, aggressive cybercriminals, Kramer said, adding that businesses realize it is expensive and damaging to their reputation when they are hacked.
“In the industry, we look at the user as the first line of defense,” Goncea said.