
“Depending on the breach and the company’s infrastructure”, With Jason Remillard and Alex Artamonov of Infinitely Virtual


There’s a recurring theme here: regardless of the budget and company size, I recommend that businesses invest in security awareness training, two-factor authentication, proven anti-malware software, an advanced anti-spam service, a well-planned backup strategy and a reliable, preferably read-only, system.


As a part of our series about “5 Things You Need To Know To Optimize Your Company’s Approach to Data Privacy and Cybersecurity”, I had the pleasure of interviewing Alex Artamonov, a systems engineer and cybersecurity specialist with Infinitely Virtual. Skilled in VMware ESX, Microsoft Server and desktop operating systems, HP ProLiant, and HP Blade servers, Artamonov holds a series of cybersecurity certifications from the University of Washington. He is a regular contributor to industry trade publications, such as Dark Reading (In 2019, Cryptomining Just Might Have an Even Better Year), Mission Critical (Breaking Out Of The Containerization Box), and SecureBlitz (Taming the IoT in the Wild), and is regularly called upon by the media for his expertise on cloud-security-related issues.

Artamonov first got hooked on computing at age 13. Having broken a machine in the early going, he set about fixing it and, as Infinitely Virtual customers can attest, the rest is history. While in ninth grade, he helped his local library organize its first Internet-connected PCs for public use. Growing up in an era of 14.4kbps modems, Artamonov taught himself computer security through trial and error, relying heavily on underground online forums, magazines and groups. He remains a voracious consumer of information on cybersecurity, with a special emphasis on social engineering.


Thank you so much for joining us in this interview series! Before we dig in, our readers would like to get to know you. Can you tell us a bit about how you grew up?

I moved to the U.S. from Ukraine when I was 9 years old and got my first computer at age 12. I was immediately interested in how it worked and then started to break and fix it. As my interest grew, I ventured out into online chatrooms and found peers with similar interests; the rest is history.

Is there a particular story that inspired you to pursue a career in cybersecurity? We’d love to hear it.

As a young kid, in the early days of AOL and dial-up modems, I started to interact with people all over the country and the world. And I was interested to see how things work internally, which brought me to the world of hacking.

Can you share the most interesting story that happened to you since you began this fascinating career?

I once had to deal with a prolonged DDoS attack that also became an invaluable learning experience — for the company and for me personally. The bad actors in question started the attack and sent a ransom email requesting money to stop the assault. While the perps used multiple methods to deny access to resources, we were able to mitigate the threat in a surprisingly short period of time. Our mitigation efforts forced us to put our incident response plan to the test. At the same time, we were able to better gauge DDoS protection services and tune them accordingly. It was essentially a cat-and-mouse game; as we made changes to the DDoS filters, the bad actors switched their attack methods. As soon as we implemented our response strategy — developed to derail the game — we were able to blunt the threat without paying a ransom or incurring significant downtime.

None of us is able to achieve success without some help along the way. Is there a particular person to whom you are grateful who helped get you to where you are? Can you share a story about that?

Adam Stern, the founder and CEO of Infinitely Virtual. I owe him a debt of thanks for taking a chance on hiring me more than 10 years ago, and helping me advance personally and professionally.

Are you working on any exciting new projects now? How do you think that will help people?

My work typically involves troubleshooting and problem-solving for clients. While I am not working on any projects per se right now, I’ve recently started to develop an innovative idea and it’s now percolating. It’s just a bit too early to discuss.

What advice would you give to your colleagues to help them to thrive and not “burn out”?

Work-life balance is important. No matter how demanding a job is, you must always take some time away from the screen. What helps me most is not checking emails and avoiding computer use for at least one day each week, usually Sunday. That’s my general advice for everyone. But for anyone in IT, another important tip is finding and working on interesting projects. Those projects can be anything that isn’t related to day-to-day work. And never be afraid to ask for help.

Ok super. Thank you for all that. Let’s now shift to the main focus of our interview. The cybersecurity industry, as it is today, is such an exciting arena. What are the 3 things that most excite you about the cybersecurity industry? Can you explain?

The three things that excite me most are advancements in technology, the transition of young minds from black hats to white hats, and changes in education.

Technology has evolved greatly in recent years, in an effort to respond effectively to ever more pernicious threats. As concerns around privacy continue to grow — and companies realize the impact a security breach can have — developers are compelled to come up with innovative ways of countering those threats. One such example: anti-virus companies are starting to use AI to mitigate threats.

We are also seeing younger professionals flock to this field — some inexperienced, some relatively more experienced. As more companies realize the importance of security and offer payment for vulnerability disclosure — commonly referred to as “bug bounty” programs — many are moving from illegal hacking activities to projects centered around securing systems and saving companies from potential data exposure.

Another exciting thing about this industry is education. Cybersecurity programs are increasingly popular in universities, schools and online. Some larger companies are even offering on-the-job training focused on security. It’s an encouraging development.

Looking ahead to the near future, are there critical threats on the horizon that you think companies need to start preparing for?

For me, deep fakes are at the top of the list of emerging critical threats. The risk is just huge. The easier it becomes to impersonate someone with video and/or audio, the harder it will be to combat the threat with the tools at our disposal today. Human factors always show organizations at their most vulnerable. While we are able in most cases to teach our users do’s and don’ts, this is entirely new territory.

Do you have a story from your experience about a cybersecurity breach that you helped fix or stop? What were the main takeaways from that story?

One recent experience stands out because it offers some useful lessons. Without disclosing too many details, a financial institution was compromised via phishing. Once that user’s account was compromised, the threat actor continued to explore and found a plain text file with other usernames and passwords, some even privileged. Two things should be obvious here: first, users should be careful about files they open; second, don’t write down a password on a Post-it® note. The threat actor went on to infect the servers with ransomware. At that point, we were called in to help remediate the damage. Thankfully, having a good, recent read-only backup helped bring the business back online quickly. All passwords were subsequently changed and two-factor authentication was implemented. I highly recommend using two-factor authentication wherever possible — even internal-only systems. Had two-factor been used at the outset, the threat actor would most likely not have been able to cause further damage, even with the purloined credentials.

So, the takeaways are these: use strong passwords, implement security awareness training, lock down computers, keep them and anti-virus software updated, implement two-factor where possible, and most of all, have current read-only backups available.

What are the main cybersecurity tools that you use on a frequent basis? For the benefit of our readers, can you briefly explain what they do?

I use Nessus vulnerability scanner and a SIEM. The vulnerability scanner enables me to schedule and run ad-hoc scans of our entire environment to find potential threats. The SIEM aggregates multiple log sources and, by correlating data, helps me find threats that might elude a scanner.

How does someone who doesn’t have a large team deal with this? How would you articulate when a company can suffice with “over the counter” software, and when they need to move to a contract with a cybersecurity agency, or hire their own Chief Information Security Officer?

The key variables are company size and the nature of the business. Generally, I recommend that companies talk with an IT expert, regardless of their size. CISOs are increasingly affordable for small businesses, whether on a permanent or a contractual basis. The fact is, every company is a potential target, no matter how large or small, so it’s now mandatory to invest in a good security program/service. Over-the-counter software can be effective for many organizations, and innovative solutions continue to come to market at a brisk pace. Use a good anti-virus solution, keep your systems up to date, and enroll your users in an online security awareness program. If keeping on top of updates is a challenge, hire someone or contract with an MSP that fits your needs and budget.

As you know, breaches or hacks can occur even for those who are best prepared, and no one will be aware of it for a while. Are there 3 or 4 signs that a lay person can see or look for that might indicate that something might be “amiss”?

Telltale signs of a breach do exist; they may include unusually slow computers or Internet connections; loss of access to some important document; existence of strange new files or changed file extensions; replies to emails that were never sent; and/or an unusually low rate of incoming emails.

After a company is made aware of a data or security breach, what are the most important things they should do to protect themselves further, as well as protect their customers?

Depending on the size of the company and the severity of the breach, the company should hire an outside firm to investigate and then notify customers. The first notification does not have to be overly detailed; an explanation after the investigation is concluded should, however, contain details. During the investigation, updating customers regularly is important. Steps must be taken early on to remediate the problem by restoring backups, changing passwords, etc. depending on the breach and the company’s infrastructure.

How have recent privacy measures like The California Consumer Privacy Act (CCPA), CPRA, GDPR and other related laws affected your business? How do you think they might affect business in general?

While these laws have existed for some time, many still have a hard time understanding them and what they actually affect. They have, however, forced many businesses to pay closer attention to their customers’ personal information, and to consider the overall impact of a data breach. Most are taking additional measures to secure their data and offering customers the option of removing personal data on request. While taking those kinds of steps can be complex, the net effect for any business should be positive.

What are the most common data security and cybersecurity mistakes you have seen companies make?

The single biggest mistake a company can make is thinking that it’s invulnerable or not a target. That attitude has caused businesses to overlook threats or put off even simple tasks, such as installing updates, which often leaves a company vulnerable to older but pervasive threats.

Since the COVID-19 pandemic began and companies have become more dispersed, have you seen an uptick in cybersecurity or privacy errors? Can you explain?

Because many companies now have staff working from home, organizations are realizing they have little to zero control over their employees’ personal computers. At the same time, employees equipped with a work laptop may not have implemented remote access protocols properly, owing to time or budget constraints. Fact is, very few companies were equipped to run businesses remotely, which in turn led many to make common mistakes.

Ok, thank you. Here is the main question of our interview. What are the “5 Things Every Company Needs To Know To Tighten Up Its Approach to Data Privacy and Cybersecurity” and why? (Please share a story or example for each.)

There’s a recurring theme here: regardless of the budget and company size, I recommend that businesses invest in security awareness training, two-factor authentication, proven anti-malware software, an advanced anti-spam service, a well-planned backup strategy and a reliable, preferably read-only, system.

As noted, these basic steps can mitigate most of the security risks businesses face. With a good anti-spam system, a dangerous email could have been blocked before reaching a user’s mailbox. Had the employee participated in security awareness training, he or she might have been able to spot the malware attached to the email. Or the infection could have been prevented with good, up-to-date anti-malware technology. But even if the system were to get infected, further damage could have been stopped with two-factor authentication. And a good backup system — often the solution of last resort — can save the day, because a threat actor can’t alter backups; an environment can be restored with minimal loss of data and the company in question can be back in business.

You are a person of enormous influence. If you could inspire a movement that would bring the most amount of good to the most amount of people, what would that be? You never know what your idea can trigger. 🙂 (Think, simple, fast, effective and something everyone can do!)

I’d like to end ransomware attacks forever and give power back to users. The best way to do this is through customer/client education. With education, we can do more to help organizations protect themselves and stop falling victim to phishing and other malicious attacks. It’s clear that, on a global basis, organized crime has become involved in disrupting cybersecurity. To reduce or eliminate the threat, we need to make it more difficult for ransomware to work. If we stop the flow of money, we can begin to turn the corner on these attacks. In the end, it really does boil down to the individual and his or her knowledge.

How can our readers further follow your work online?

Check out my LinkedIn account for links to other articles I wrote and will write in the future.

https://www.linkedin.com/in/alex-a-b380567/

This was very inspiring and informative. Thank you so much for the time you spent with this interview!

