Staff in profitable businesses are leaving too much of their personal information online, which could make them vulnerable to extortion from the Russian and Italian Mafia, a former FBI undercover agent has warned.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Joe Pistone, who worked at the FBI for 27 years, said the Russian and Italian Mafia were using data from public sites to launch attacks against businesses and individuals.
"People put too much information on social media sites like Facebook and MySpace," he said.
Users on these sites may include their work details in personal profiles, allowing organised crime gangs to identify them and their company.
Speaking to Computer Weekly prior to a panel discussion at the Institute of Directors with business heads in London today, Pistone said, "Anyone is vulnerable. They will try to find your weakness. It may be money, it may be drugs, it may be women. They will go after vulnerable individuals in your business."
People who put their CVs online may also be at risk, as this could identify that they work, or have worked at companies the Mafia wants to target.
Pistone said the Russian and Italian Mafia have also targeted computer systems, threatening to launch a denial of service attack to lock-up servers unless a large sum of money is handed over.
"Most people will pay the first time, but this is a mistake because the Mafia will just come back," he said. Pistone recommended companies contact the authorities the first time it happens.
Managing a security crisis
Security breaches are inevitable, warned Carlos Solaris, vice president of security at Bell Labs, who was also speaking at the Institute of Directors event. "Despite all our best efforts, security incidents do happen."
Solaris, a former head of network security at the White House, said, "Chief executive officers need to have an emergency response team in place, which has been tested in advance to tackle security breaches."
During any security issue, Solaris recommended that the business have in place its legal council, security experts, spokespeople and brand experts, ready in advance to tackle a crisis.