Cybersecurity experts and companies on Long Island are looking for ways to shore up the weakest link on company computer networks : the employee . Local cybersecurity professionals are creating interactive comic books , testing employees with simulated phishing emails — tailored messages that seek to obtain key information , such as passwords — and seeking to convince top executives that the threat of business disruption from hacking requires their attention . “ The biggest problem is not the technology ; it ’ s the people , ” said Laurin Buchanan , principal investigator at Secure Decisions , a division of Northport software developer Applied Visions Inc. Sixty percent of cyber-assaults on businesses can be traced to insiders ’ actions , either inadvertent or malicious , according to a 2016 study by IBM Security . The average cost of a data breach Attack.Databreach for U.S. companies is $ 7.4 million , or $ 225 per lost or stolen record , a June 2017 study by IBM and the Ponemon Institute , a Traverse City , Michigan , researcher , found . Costs related to data breaches Attack.Databreach can include the investigation , legal costs to defend against and settle class-action lawsuits , credit monitoring for affected customers , and coverage of fraud losses . Harder to gauge is the cost to a company ’ s reputation . One of the largest hacks Attack.Databreach ever was disclosed this month , when credit reporting company Equifax Inc. revealed that sensitive data from 143 million consumers , including Social Security numbers and birth dates , was exposed Attack.Databreach . A stock analyst from Stifel Financial Corp. estimated that the attack will cost Equifax about $ 300 million in direct expenses . Investors seem to think the incident will have a much greater impact on At a seminar in Garden City this month , Henry Prince , chief security officer at Shellproof Security in Greenvale , explained how in a ransomware attack Attack.Ransom — one of many types — cybercriminals can buy specialized tools such as those used to send Attack.Phishing phishing emails . The easy availability of that software means that hackers require “ no programming experience , ” Prince said . Phishing emails can be blocked by company email filters , firewalls and anti-virus software . But if one gets through Attack.Phishing and an employee clicks on the link in the phishing email , the business ’ network is compromised . Hackers can then encrypt files , preventing access to them by the company and crippling the business , Prince said at the seminar . Hackers then can demand payment Attack.Ransom , typically in an untraceable cryptocurrency like Bitcoin — a digital asset that uses encryption — before agreeing to decrypt the files . “ Ransomware is a business to these people , ” Prince said . “ Ninety-nine percent of the time , ransomware requires user interaction to infect. ” Della Ragione echoed that sentiment : “ The greatest risk at a company is the employees . Training employees is one of the best steps in shoring up your defenses. ” In response , many local experts and companies focus on teaching employees how to resist hackers ’ tricks . Secure Decisions has developed interactive comics to teach employees ways of detecting “ phishing ” emails and other hacking attempts . The company has gotten more than $ 1 million for research related to the interactive comic project , known as Comic-BEE , from the Department of Homeland Security , as well as a grant for $ 162,262 from the National Science Foundation . The comics , inspired by children ’ s “ Choose Your Own Adventure ” books , feature different plots depending on the reader ’ s choices . “ If you can give people the opportunity to role-play , some of the exhortations by the experts will make more sense , ” Buchanan said . The comics are being field-tested at several companies and Stony Brook University . They were featured in July at a DHS cybersecurity workshop in Washington , D.C. Radu Sion , a computer science professor at Stony Brook and director of its National Security Institute , which studies how to secure digital communications , acknowledged that security is far from a priority for most users . “ Ultimately , the average Joe doesn ’ t care , ” he said . “ You [ should ] treat the vast majority of your users as easily hackable. ” Northwell Health , the New Hyde Park-based health care system that is the largest private employer in New York State , is trying to find and get the attention of those inattentive employees . Kathy Hughes , Northwell vice president and chief information security officer , sends out “ phishing simulations ” to the workforce . The emails are designed to mimic Attack.Phishing a real phishing campaign Attack.Phishing that seeks passwords and personal information . In April , for instance , Northwell sent out Attack.Phishing phishing emails with a tax theme . Hughes collects reports on which employees take the bait Attack.Phishing by user , department and job function . “ We present them with a teachable moment , ” she said . “ We point out things in the email that they should have looked at more carefully. ” The emails are supplemented with newsletters , screen savers and digital signage reminding users that hackers are lurking . Another tool : Non-Northwell emails have an “ external ” notation in the subject line , making it harder for outsiders to pretend to be Attack.Phishing a colleague . “ We let [ the employees ] know that they are part of the security team , ” she said . “ Everybody has a responsibility for security. ” One of the most important constituencies for security is top executives . Drew Walker , a cybersecurity expert at Vector Solutions in Tampa , Florida , said many executives would rather not know about vulnerabilities to their computer systems , because knowledge of a hole makes them legally vulnerable and casts them in a bad light . “ Nine times out of 10 , they don ’ t want to hear it , ” he said . “ It makes them look bad. ” Richard Frankel , a former FBI special agent who is of counsel at Ruskin Moscou , said that company tests of cybersecurity readiness often snare CEOs who weren ’ t paying attention to training . But attorney Della Ragione said high-profile attacks are getting notice from executives . “ Everyone ’ s consciousness is being raised , ” she said . Data leaks Attack.Databreach at Long Island companies have caused executives to heighten security . In 2014 , Farmingdale-based supermarket chain Uncle Giuseppe ’ s Marketplace said that foreign hackers had breached Attack.Databreach the credit card database of three stores . Joseph Neglia , director of information technology at Uncle Giuseppe ’ s , said that after the data breach Attack.Databreach , which affected about 100 customers , the company began scheduling “ monthly vulnerability scans ” and upgraded its monitoring and security systems . For businesses , Stony Brook ’ s Sion said , the cybersecurity threat is real and immediate . “ I need one second with your machine to compromise it forever and ever , ” he said . “ It ’ s an uphill battle . ”

The OurMine hackers are back in the news again . This time the group hacked and defaced the official domain of Unity 3D Forums leaving a deface page along with a note over the weekend . The hack which took place on 30th April allowed the Saudi Arabia-based OurMine hacking group to compromise the forum ’ s security and leave a note stating “ Hacked by OurMine , Your Security is low. ” Unity 3D administrators have acknowledged the hack Attack.Databreach but stated that no password was stolen Attack.Databreach in the attack Attack.Databreach and that the 2FA Authentication will be introduced to the forums for better security . Furthermore , the administrators are also planning to bring Device Identification and Password Policy on the forums . According to the official statement from Unity 3D : Thanks to everyone that have reached out about our forums being compromised – we are on it ! — Unity ( @ unity3d ) April 30 , 2017 One of the team members from Unity stated on Reddit that : After the hack , the Unity 3D forums was down for maintenance though at the time of publishing this article the forums were online and reachable . However , if you have an account on Unity 3D forums it is advised that you change your password . Just in case if you are not familiar with the OurMine then this is the same group who conducted the biggest hack in YouTube ’ s history last month by taking over hundreds of popular YouTube accounts and defacing their titles with # OurMine signature . The same group was in the news for hacking Google ’ s CEO Sundar Pichai , Facebook ’ s CEO Mark Zuckerberg , Co-founder of Twitter Jack Dorsey and several other top media celebrities and news outlets . It is unclear how OurMine hacks Attack.Databreach its victims but researchers believe that the group uses passwords stolen Attack.Databreach from previous data breaches Attack.Databreach including LinkedIn and MySpace . The group is also working on establishing itself as an IT security firm to help companies against cyber attacks , however , it is unclear whether such tactics will give them clients or scare them away . DDoS attacks are increasing , calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator .