KEDC receives grant for second year in a row based on stellar track record

By | Uncategorized

For about three years, a diesel engine company in Bakersfield was a member of Kern Economic Development Corporation — but now it is a direct beneficiary.

The company, Central California Power, is one of nine small to medium-sized businesses in Kern County that added a total of 26 employees thanks, in part, to business consulting from the KEDC.

And that record earned the KEDC a second straight grant of $80,000 from the U.S. Department of Agricultural Rural Development to boost business in the county.

“It is uncommon to receive back-to-back grant awards,” said Paul

Venosdel, state director of the rural development agency, at a news conference Friday. “But the strength and quality of the KEDC work justified it.”

The agency had $4 million in requests, but only $500,000 to give in the state, Venosdel said. Kern County got a little attention because President Bush highlighted rural development in a Bakersfield speech last March at Rain for Rent, Venosdel said.

The new grant is intended to help nine to 12 other businesses join the program later this year, KEDC Business Developer Bill Jeffries said.

Those businesses will be selected from applications, which are available from the agency’s Web site, kedc.com.

They will be accepted through Aug. 26. Information is available by calling 862-5157. The program is known as Tomatoes on Steroids.

Friday’s news conference was held in front of Central California Power, 6615 Rosedale Highway, where its president, Rod Headley, credited Jeffries with helping line up new business opportunities.

Headley said Jeffries, during nearly weekly contacts, helped him with financing options and finding customers.

That helped increase Central California Power staff by three positions in the last fiscal year and the company is looking to boost the staff by an additional five to 15 positions this fiscal year, Headley said.

The 23-year-old firm, formerly Central California Diesel, provides sales and service for generators, sales of industrial engines and the engine generating components of dairy digesters.

It is the last aspect — helping dairies reduce pollution and costs, and produce electric power — which offers a new potential for expansion this year, Headley said.

The firm is also in the midst of replacing 250 to 300 old diesel engines with cleaner models — about $5 million worth of sales — that can reduce 500 to 600 tons of nitrogen oxide and particulate matter pollution, he said.

A new engine can save 75 percent to 84 percent of such emissions, the company reported.

Jeffries said one of the contributions he made to the firm was providing information about an offset pollution control program through the San Joaquin Valley Air Pollution Control District.

Another success story was helping Advanced Micro Research of Delano position itself to double its four-person staff this year, related the firm’s Chief Executive Officer Alphonso Rivera.

“Their support has been phenomenal in both marketing and contacts,” Rivera said.

KEDC was largely responsible for helping the 3-year-old firm secure a contract with the city of McFarland to help maintain and build its computer-information systems, Rivera said.

The company is looking to expand with similar work for private companies, he said.

The other businesses selected for help with the first grant were The Apple Shed Inc., Tehachapi; Bennett Optical Research Inc. and TomatoMan, Ridgecrest; XCOR Aerospace Inc. Mojave; Carney’s Business Technology Center, Oasis Air Conditioning, and Terrio Therapy-Fitness Inc., all of Bakersfield.

https://www.bakersfield.com/news/business/kedc-receives-grant-for-second-year-in-a-row-based/article_6cbe2e2d-69b4-53c6-b0f2-36f454437dc4.html

BTK serial killer: Power of computer forensics

By | Uncategorized

He called himself the BTK serial killer. It stood for “bind, torture, kill.” And he taunted Wichita, Kansas, law enforcement for more than two decades until his ego and computer forensics brought him down.

The BTK arrest in 2005 and the killer’s eventual sentencing to 10 consecutive life sentences is considered the most famous criminal case ever solved by computer forensics.

As time passes and technology becomes more sophisticated, law enforcement’s and the legal community’s reliance on computer forensics continues to expand. Not only are computer audits and investigations used to crack criminal cases, they are being used by companies to investigate disputes involving violations of company policies, financial and intellectual property thefts, security breaches and more.

The famous BTK case demonstrates the power and effectiveness of adding computer experts to investigative teams.

The BTK killings began in 1974, with the brutal murders of Joseph, 38, and Julie, 33, Otero and two of their children by suffocation, strangulation and hanging. A few months later, Kathryn Bright, 21, was fatally stabbed 11 times. After a gap of three years, Shirley Vian, 24, and Nancy Fox, 25, were found strangled in separate murders.

After another four years, Marine Hedge, 53, was strangled in 1985 and Vicki Wegerle, 28, died a similar death in 1986. BTK then went quiet, not killing again until Dolores Davis, 62, was found strangled in 1991.

Throughout the years of killing, BTK taunted law enforcement, seeking recognition and notoriety through notes hidden in boxes, library books and even newspaper classified ads. After a vicious yearslong murderous spree, from 1974 to 1991, BTK went quiet again.

It wasn’t until 2004, when a newspaper story speculated that BTK was dead, that the killer contacted law enforcement officers. That communications and the computer technology the killer used brought BTK down.

In March 2004, The Wichita Eagle received a letter from a man claiming to have murdered Wegerle. Enclosed were crime scene photographs and items. Before the letter arrived, BTK only had been suspected of killing Wegerle because investigators were unable to match DNA found under the woman’s nails to a suspect.

Another letter was sent to a Wichita television station with more clues and a box was found on a street corner containing a graphic description of the Otero murders. And in July, a package containing more evidence was dropped into the return slot of the downtown public library. By October, an envelope was dropped into a UPS box containing a poem threatening the case’s lead investigator. And in December, police received another package from BTK containing a copy of victim Fox’s driver’s license.

In January 2005, BTK attempted to leave a cereal box containing more crime details in a pickup truck parked at the Home Depot in Wichita. But thinking it was a joke, the vehicle’s owner tossed the box into a dumpster.

Hearing nothing about his January clue-drop, BTK contacted investigators, who scrambled to Home Depot, where they found the box, as well as surveillance tapes showing a man driving a black Jeep Cherokee tossing an item into a truck. Within the month, BTK sent more letters and a message written on a computer floppy disk.

Although BTK had scrubbed old documents from the floppy disk, forensic computer investigators found buried “metadata” identifying Christ Lutheran Church and “Dennis” being the last user. An internet search revealed Dennis Rader was president of the church council.

Further investigation revealed Rader drove a black Jeep Cherokee. And through medical treatment Rader’s daughter had received at a university, a DNA familial match was established with Wegerle’s DNA sample.

Rader, the married father of two, an Air Force veteran, a college graduate, who majored in criminal justice, and a code enforcement officer for nearby Park City, was arrested. He admitted committing the murders and told investigators he would have killed more people, but his intended victims “got lucky.” At the time of his arrest, he was planning another murder.

The lesson learned from the infamous BTK case is that a criminal’s effort to hide a “digital trail” is no match against the skills of a trained forensic computer sleuth.

Alphonso Rivera is the founder and CEO of Advanced Micro Resource Digital Forensics, a Bakersfield-based digital forensic company that specializes in digital audits involving cell phone and computer evidence for attorneys, private investigators, human resources consultants and companies.

https://www.bakersfield.com/kern-business-journal/btk-serial-killer-power-of-computer-forensics/article_dd8f0ad3-f833-50b6-8e25-dcf6d406d5c4.html

Cybercriminals, state sponsors target energy industry

By | Uncategorized

A cyberattack in April on a shared data network forced four U.S. natural-gas pipeline operators to temporarily shut down computer communications with customers. It was one of the latest displays of the vulnerability of America’s power grid and energy industry to criminal hackers and rogue states.

Probably the loudest international wake-up call came in 2015, with Russia testing its cyberattacking capabilities on the Ukrainian capital of Kiev. Using new cyberweapons, such as CrashOverride and BlackEnergy 3, Russian hackers were able to disrupt the electric power grid and black out the homes and businesses of 225,000 people in the Ukraine.

U.S. federal agencies earlier this year issued a report blaming Russian government-supported hackers for targeting U.S. energy and other industries in a new wave of attacks launched since 2016.

Last year, Federal Bureau of Investigation and Department of Homeland Security officials reported that Russian hackers were behind cyberintrusions into the U.S. energy power grid. The intrusion further demonstrated the threat hackers pose to the nation’s critical industries — energy, finance, health care, manufacturing and transportation.

There is a wide range of motivations behind these cyberattacks. Holding companies hostage with ransomware and the opportunities for outright theft are profitable endeavors for criminal hackers and their state sponsors.

The attack on natural-gas pipeline operators may have been in retaliation for the expulsion of 60 Russians from the U.S., an effort to intimidate and reveal U.S. vulnerabilities or a means to gather competitive information.

The House Committee on Science, Space and Technology released a staff report in April concluding Russian-backed cyberattacks were efforts to influence American energy markets and energy policy in response to the increased exports of U.S. liquefied natural gas, which challenges Russian dominance in European markets.

Increasingly, cyberattacks are becoming so effective that an office within the U.S. Department of Energy is being established to shore up cybersecurity for such critical facilities as nuclear power plants, refineries and pipelines.

But companies big and small cannot wait for “the government” to save them from these attacks. Understanding the attacks, identifying company vulnerabilities and maintaining vigilance to defend against new threats are critical steps companies must take.

No doubt, increasing cyberattacks are intended to gain access and test responses. Hackers and their state sponsors are playing a long-game — setting up strategies that include extortion, the shutdown of systems, explosions, spills, and fires that result in the loss of human life and property, and degradation of the environment.

Nearly 2.5 million miles of oil, gas and chemical pipelines crisscross the U.S. Many hundreds of miles are in Kern County, alone.

Hackers are using a big bag of tricks to gain entry into the U.S. energy system. Most common, they fall into two categories: “spear phishing,” where customized emails trick recipients into opening malware that is embedded into a system, and “water-hole attacks,” where familiar and trusted websites are infiltrated or cloned to include malicious code.

And while hackers’ main targets are large energy companies and facilities, the strategy is to start small. By targeting vendors, service companies, suppliers, trade publications and industry websites, hackers can worm their way into the main targets. Often, smaller companies along the “supply chain” are not as focused on cybersecurity as are the larger companies.

It is important that any company doing business in today’s energy industry must be vigilant, regardless of its size.

Some steps that can be taken:

• Form industry coalitions. Work together to share threat information.

• Constantly audit company security measures. Identify intrusions and attempted intrusions. Insure that company security measures are updated and enforced.

• Train and retrain staff to identify and combat evolving threats.

• Limit regular user computer access. Develop a need-to-know and use system.

• Require complex passwords for all users and require passwords to be regularly changed.

• Adopt multifactor authentication to prevent stolen logins and passwords from being used.

• Dedicate staff to cybersecurity or hire competent, trusted cybersecurity consultants.

Alphonso Rivera is the founder and CEO of Advanced Micro Resource Digital Forensics, a Bakersfield-based company that specializes in digital audits involving cell phone and computer evidence for attorneys, private investigators, human resources consultants and companies.

https://www.bakersfield.com/kern-business-journal/cybercriminals-state-sponsors-target-energy-industry/article_df6719ba-5871-58a3-b7fe-36b663ce7ccb.html

EDUCATION ROUNDUP: Centennial High takes 10th in international mock trial tourney

By | Uncategorized

Centennial High School mock trial students competed against others from China, Atlanta, Florida and Texas and took 10th place out of 28 teams, coach Brett Dobson said.

The team returned from the Empire San Francisco Mock Trial Tournament this weekend.

“It is basically a college-level mock trial tournament for high school students,” Dobson said.

Centennial won four ballots in all against three different teams while its students performed as both defense attorneys and prosecutors in a fictional civil suit involving a 16-year-old who was jailed and held in solitary confinement for years and suffered psychological trauma.

University of La Verne opens new campus in Bakersfield

The University of La Verne is celebrating the opening of its new campus at 10800 Stockdale Highway Thursday with a ribbon cutting.

The University of La Verne first opened its doors in Bakersfield in 1999 and has grown to offer almost two dozen undergraduate and graduate degree programs.

The ceremony will take place from 5 to 6:30 p.m.

Shafter school district awarded $25K for STEM education

Maple Elementary School District received a $25,000 grant this month through the America’s Farmers Grow Rural Education program to bolster its STEM offerings.

The district plans to use the money by creating an outdoor learning environment with gardening areas to grow vegetables, flowers and landscaping plants.

CSUB hosts LGBTQ pride week

Cal State Bakersfield is hosting a series of LGBTQ+ PRIDE events this week.

The week of events provides resources, meet and greets and several bonding events for those in the community.

“This is the second campus Pride Week and it is great to see students, faculty and staff coming together for great campus inclusion and visibility. CSUB has made great strides in supporting all diversity on campus,” Matthew McClellan, LGBTQ+ PRIDE co-chair.

Pride Week’s events include an “ally rally” at 6 p.m. Wednesday and an expression night at 7 p.m. with the theme of “Coming out stories.” Both events are held at the Stockdale Room. There will be a screening of “Hocus Pocus” at 7 p.m. Friday at Alumni Park and a Pride Volleyball Game at 7 p.m. Oct. 19 at the Icardo Center to close Pride Week.

SBBCollege donates tablets to BHS band

SBBCollege Bakersfield is donating 100 Amazon Kindle Fire tablets to Bakersfield High School’s marching band Thursday to support technology in education, school officials announced.

The tablets will allow students to learn marching drills and read sheet music conveniently, SBBCollege Bakersfield officials said.

“Having all of their reference material with them during an entire rehearsal, instead of running to the sidelines to check their pages, would greatly improve the learning potential of our students,” Randy Bennett, instrumental music director at BHS, said.

BCSD Education Foundation seeking board members

The Bakersfield City School District Education Foundation is seeking to fill vacancies on its board of directors.

The foundation is a charitable, nonprofit organization that partners with community members to provide resources that impact children through innovative educational programs.

“Our children are the future of our community,” said Alphonso Rivera, president of the BCSD Education Foundation Board of Directors, who has served since 2012. “Having more resources available to teachers in the classroom can directly impact a student’s success.”

https://www.bakersfield.com/news/education/education-roundup-centennial-high-takes-th-in-international-mock-trial/article_79c5e186-ae11-11e7-8fee-db1399f6778d.html

Cybercrime prevention and risk management go hand in hand

By | Uncategorized

Whether you are in Kern County’s energy or IT segments — or any other segment of our economy — none of us can ignore the risk of cybercrime.

Uniquely, it is both a property and liability risk.

In the last issue of the Kern Business Journal, Alphonso Rivera, CEO of Advance Micro Resource, offered steps business owners can take to mitigate this highly technical risk.

His guidelines reflected the complexity of this risk. His final recommendation was: “Develop a risk management plan including regular forensic audits of your company’s online systems.” However, no explanation was included of what a risk management plan needs to be. I’m pleased to “fill this gap” in his otherwise well-written article.

Traditional risk management is “operational.” Risks addressed are static — those that produce only a loss, e.g., fire, earthquake, liability, etc.

Enterprise risk management is “strategic.” In addition to static risks, those addressed are dynamic — risks that can produce either a profit or a loss, e.g., marketing, product design, investment strategies, etc.

The three overall processes within either risk management system need to be integrated into your overall culture so you can take your organization from the level of “insurance management” — where most companies are today — to the next level of risk management. They are:

1. Risk assessment — identification and measurement

2. Risk control — mitigation and reduction

3. Risk finance — including insurance

Insurance is the very last step — intentionally. It doesn’t come into play until all other alternatives have been considered.

Once risks are assessed, planning shifts to risk control, including not only cybercrime prevention but also fire prevention, security, safety, etc. — including Rivera’s forensic audit of online systems.

In addition, risk control includes disaster preparedness plus the most overlooked risk reduction task of all — business continuity planning.

Hurricane Katrina and other disasters each generated memorable stories of lives saved through effective disaster preparedness, yet other stories described businesses totally lost because no business continuity plan was in place.

Once risks are reduced, and some even eliminated, the final process can begin, viz., risk finance.

First is contractual risk transfer to others other than insurance. There are generally three levels of contractual risk transfer. The first two are reasonable. The third is disastrous! It is prohibited by law in energy contracts of most oil-producing states but not California. It is unenforceable in construction contracts in California.

A local drilling contractor imposed a contract with this third level on a trucking firm whose employee was injured by the sole negligence of a drilling company employee. Because of this clause, all financial burdens were assumed by the trucking company with no opportunity for reimbursement from the drilling company.

This increased the trucker’s workers’ compensation costs for the ensuing three years. Moreover, for the injured employee to receive damages beyond workers’ compensation benefits, he had to file a liability claim against his own employer! This totally violates the historical intention that workers’ compensation is the exclusive remedy from employers.

Next, residual risks are either assumed or insured. Some can be assumed through deductibles, self-insured retentions, total assumption, etc. Others must be considered for insurance through alternative risk transfers, e.g., formal self-insurance, captive insurers, high deductible plans, retrospective rating plans, etc.

Only then is conventional insurance considered.

There you have it — the overall risk management system that should be inculcated into your organization’s culture in perpetuity!

This completes Rivera’s steps to a cybercrime solution — and more — plus the long-term benefit of risk management to all: a quiet night’s sleep!

— John Pryor is a risk management consultant and author of “Quality Risk Management Fieldbook” published by the International Risk Management Institute in Dallas.

https://www.bakersfield.com/kern-business-journal/cybercrime-prevention-and-risk-management-go-hand-in-hand/article_646a07c5-bc09-55c9-adca-03e5cc25e811.html

Community Voices: It’s not just Trump who should worry about cell phones

By | business-journal

A grainy cell phone photo and Facebook posts by guests at President Trump’s plush Mar-a-Lago resort in Florida last month touched off a firestorm of concerns about potential security breaches associated by the new president’s continued use of his Android cell phone.

The photo, which was taken by a resort guest, showed President Trump, Japanese Prime Minister Shinzo Abe, assorted staff and guests huddled around a table in the patio-dining room shortly after North Korea had fired off a ballistic missile. It showed people talking on cell phones, while staff used their cell phones to illuminate papers that the two leaders were discussing.

“Holy Moly! It was fascinating to watch the flurry of activity at dinner when the news came that North Korea had launched a missile in the direction of Japan,” guest Richard DeAgazio wrote in his post.

Other guests weighed in with their breathless observations of the open-air emergency meeting, prompting Republicans and Democrats in Congress to press the administration for an explanation of the new administration’s cyber security, particularly as it applies to the use of cell phones and the president’s reported continued use of his unsecured device to communicate and tweet.

I will let those in Washington sort out the details of President Trump’s cell phone use and the propriety of conducting such a meeting in the Mar-a-Lago dining room. But the dustup does call attention to the security problems posed by the common devices in most of our pockets or purses.

Clearly many of us take for granted our cell phones, which are becoming more and more powerful computers. Our cell phones contain an increasing amount of personal and sensitive information that can leave us vulnerable to cyber-crimes, including identify theft.

Depending on the security imposed on President Trump’s cell phone, it could have allowed information access to spies through eavesdropping or hacking. Even secure devices are vulnerable to hackers, who can turn a cell phone’s microphone into a listening device and use its camera to spy on whatever is in front of the lens. Using a cell phone’s flashlight for illumination provides added light and makes objects viewed in a dim dining room even more vulnerable to spies.

We all need to take more care to “secure” our cell phones. You don’t need to be rich, famous or powerful to be a victim of a cyber-criminal.

I could write a book about the steps you should take to secure your cell phone. But likely the more I write, the more you would be overwhelmed and the less likely you would be to do anything.

So, I am going to offer up a few basic steps:

  • Enable your cell phone’s “pass code access feature.” Use a strong alpha-numeric pass code to prevent access to the contents of your cell phone. Don’t use your birthday or address. For added security, most cell phones now allow the use of your fingerprint to limit access. Use this feature.
  • Most modern phones allow for stored information to be encrypted. I favor using the “default” encryption system that comes with my phone.
  • Set up the “remote wipe” on your phone. If the phone is lost or stolen, you can wipe your phone clean remotely. Back up the information in your cell phone onto your computer at home.
  • Buy apps from your device’s manufacturer or a “trusted” source. Buying an app from an unknown third party can expose you to malware and ransomware. Be
  • very
  • suspicious of “free download” offers. Check and set the “privacy settings” on all your apps.
  • Public wi-fi is not secure. Period! Instead, using a virtual private network will boost security for sensitive data. Better yet, use a VPN that scrambles and encrypts all cyber transmissions. Shut down wi-fi and bluetooth connections when you are done.
  • Back up and update your cell phone software and apps frequently. Often these updates address security issues.

Alphonso Rivera is founder and CEO of Advanced Micro Resource, a Bakersfield-based digital forensic company that specializes in digital audits of phone and computer evidence for attorneys, human resources consultants and companies.

Business, legal dispute takes embarrassing turn

By | business-journal

Who does not rejoice over the advancement of computer systems these days? Well, I can think of two businesspeople who now wish they had a bit less “connectivity” when their relationship went sour.

Advanced Micro Resource’s forensic services were called in to unsnarl a nasty corporate, legal and personal dispute over who owned data on a company’s hard drive.

The case provides some cautionary lessons for all of us who sometimes use our company computers to conduct our private business.

The subjects in this case had been long associated — one as a company executive (John) and the other as an attractive female contractor (Jane). Jane used the company’s computer for work and personal use.

What Jane did not realize until it was too late was that through the “mysteries of the cloud,” her personal iPad and iPhone had synched to the company’s computer. In other words, her personal computer and cell phone emails, text messages and other communications, including deleted photographs, had flowed from her personal devices into the hard drive of the company’s computer.

As business relationships often go, the subjects had a not-so-pleasant parting of ways. The company executive insisted Jane return the company computer, claiming it contained proprietary intellectual information owned by the company.

Jane returned the computer, but first removed its hard drive.

And that landed the two in court and Advanced Micro Resource’s forensics division in the middle of their dispute.

There seemed to be little disagreement that the company was entitled to the return of its computer. But Jane insisted the hard drive contained her personal files.

To resolve who was entitled to what, the court called for a digital forensic exam — a thorough analysis of the hard drive, which had been removed, but was preserved as evidence.

Advanced Micro Resource’s forensics division thoroughly examined the hard drive, searching for work-related files, as well as personal files. The findings were reported in open court.

In addition to many personal and work-related files, emails and text messages, we reported that we found more than 1,000 photos — many of them were embarrassing nudes involving the two subjects in a torrid undisclosed relationship.

The courtroom became very quiet. The two quickly realized that to proceed would risk damaging both of their reputations. The case was subsequently dismissed.

The lessons learned from this case:

  • Separate “personal” from “business” when it comes to using company computers.
  • Understand the capabilities of your mobile devices. These two were not the first to discover that their personal files, including embarrass ing photographs, could easily wind up floating around the cloud and landing in unintended computers or mobile devices.
  • Check your security settings to ensure your files are, in fact, secure.
  •  Don’t connect your personal devices to company computers.
  • There’s no such thing as a “secret file.” A good forensic exam can find your “hidden secrets and deleted information.”
  • Don’t store or send nude pictures from your mobile device. It’s just not smart.

Because of the confidentiality of computer forensic cases, the names of the subjects involved and some of the identifying details of the dispute have been changed or not disclosed to protect the privacy of the individuals.

— Alphonso Rivera is the founder and CEO of Advanced Micro Resource, a Bakersfield-based digital forensic company that specializes in digital audits involving cell phone and computer evidence for attorneys, private investigators, human resources consultants and companies.

Cyberscam: Real estate deals are easy targets

By | business-journal

A few weeks ago, a California Public Radio station reported that millions of dollars were being “bled” each month from Los Angeles homebuyers by cyberscammers. But the rip-off is not happening only in Los Angeles. It’s happening throughout the country at alarming rates.

According to the FBI, a cyberscam that tricks homebuyers into wiring money to offshore accounts is costing the Los Angeles area alone $5 million a month. The scam that surfaced in 2013 has rapidly grown, with the FBI’s Internet Crime Complaint Center reporting incidents spiking 480 percent between 2015 and 2016. Last year, the Federal Trade Commission issued a joint warning with the National Association of Realtors about the threat.

Here’s how the scam works:

A criminal will hack into the email account of a person involved in a pending real estate transaction. The hacker will spend days collecting information about the deal, as well as the participants. The hacker even picks up nuances, such as the way agents and customers speak, and details of the transaction. From this information, the hacker creates authentic-looking emails.

Usually during the chaotic moments of a deal’s closing, the hacker will send an email with last-minute changes to instructions about wiring transaction-related funds. Unsuspecting buyers, representatives and financial institutions may not question legitimate-appearing changes sent from the email accounts of “familiar” participants and follow the instructions. Money will be sent directly to the hacker’s account, where it will be quickly lost forever.

There is no shortage of horror stories emerging from this cyberscam. Consider the owner of a small escrow company in Southern California who opened an attachment reportedly containing information about a lost package. The phony email inserted a virus into her computer allowing a hacker to obtain her banking password, which was used to rip off $400,000 through a series of wire transfers.

Earlier this year, a Maryland couple lost more than $400,000 in proceeds from the sale of their home in a cyberscam with roots in West Africa. Unable to recover their money, the couple reportedly now lives paycheck to paycheck.

Wherever you look, recent cases can be found.

In Long Beach, $10,000 disappeared from a real estate deal. In Greenfield, Massachusetts, $80,000 in closing funds and $20,000 in earnest-money deposits disappeared. In Minneapolis, a retired couple buying a townhouse close to their adult children lost $205,000. Another retired couple in Denver lost $272,000 attempting to buy a house. A judge in New York was victimized when she mistakenly followed bogus instructions she thought had been sent by her real estate lawyer. She lost more than $1 million.

Clearly, cybercriminals have discovered a lucrative pot of gold containing easily duped buyers and sellers who may be infrequent participants in complicated, fast-moving financial transactions. And these real estate deals often are handled by small businesses that may lack adequate cyberprotection systems.

While cybercriminals seem to keep one step ahead of their victims, measures can be taken by real estate professionals to protect themselves and their clients.

  •  Inform all participants in a real estate transaction about the cyberscam and how it works.
  •  Have a cyberprotection plan and communicate it. At the outset of a transaction, explain to all participants how information will be conveyed and verified.
  •  Ask about the cybersecurity practices of participants, including other real estate professionals, financial institutions and vendors.
  •  Change passwords regularly on accounts, including email accounts. Encourage others involved in the transaction to change their passwords.
  •  Train staff to recognize bogus emails and to use caution when clicking on attachments.
  •  Do not communicate sensitive information or funds over unsecured Wi-Fi or unencrypted email.
  •  Immediately before initiating a wire transfer, call the intended money recipient via a verified telephone number and confirm instructions.
  •  Regularly clean out email accounts.
  •  Check your online bank accounts daily. Change your banking passwords on a regular basis.
  •  Work with information technology and cybersecurity professionals to examine computer systems, assure security software is active and current, and audit online accounts.
  •  Consider buying cyber liability insurance. A policy should cover a wide range of threats, as well as business interruption.

Alphonso Rivera is the founder and CEO of Advanced Micro Resource Digital Forensics, a Bakersfield-based digital forensic company that specializes in digital audits involving cell phone and computer evidence for attorneys, private investigators, human resources consultants and companies.

Advanced Micro Resource focuses on forensics, training

By | business-journal

Successful entrepreneurs must be creative, competent and hard working to succeed. They also must be quick and nimble — able to recognize new opportunities and adjust their business plans and systems to capitalize on emerging markets.

Alphonso Rivera demonstrated these qualities as he guided Bakersfield-based Advanced Micro Resource through the exciting, challenging and ever-changing technology industry.

Like other local company owners who have been clients of the Small Business Development Center at California State University, Bakersfield, the key to Rivera’s success is having a strong, but flexible business plan, marketing strategy and business systems that not only accommodate growth, but encourage it.

Rivera’s company, which is located at 3434 Truxtun Ave., Suite 180, in Bakersfield, focuses on computer education and forensics.

Growing up in Bakersfield, Rivera began tinkering with electronics as a young child. His interest led to his completion of courses at Bakersfield and Taft colleges and then at the University of California, Los Angeles, where he studied systems management and information technology. He continued his studies at Western Governors University.

His work experience includes jobs with the technology giant Tandy Corp. and with Henkel’s & McCoy, a utility construction company. He worked as the Bakersfield and Rosamond training director for New Horizons Computer Learning Service before organizing his own company in 2000.

The company’s initial focus was on providing computer training and augmenting STEM – science, technology, engineering and math – programs in area schools. Advanced Micro Resource provides instructors and training equipment to enhance student computer skills.

Earlier this year, Advanced Micro Resource was honored by Assemblywoman Shannon Grove as a 34th Assembly District Business of the Year in recognition of its outstanding service to Bakersfield.

The firm was one of only 85 recipients to receive the award for bringing technology-focused after-school programs to culturally diverse students in 35 Bakersfield-area schools.

The state Legislature created California Small Business Day in 2000, with Assembly and Senate members selecting outstanding local business leaders in their districts for recognition. California Small Business Association’s annual ceremony honoring Advanced Micro Resource was held in May at the Sacramento Convention Center.

After establishing Advanced Micro Resource to meet area computer training needs, Rivera noted that local companies also needed unique, specialized forensics services.

“I started getting requests from local attorneys to perform digital forensics work,” Rivera recalled.

This work ranges from scanning and indexing large case files, which allows content to be searched and organized, to accessing information files stored in electronic devices. Even content people believe they have deleted from an electronic device often can be retrieved and used as evidence.

Prosecutors and defense attorneys have used Advanced Micro Resource’s services. The company’s Digital Forensics Division also is frequently added to a civil litigation team.

Although Advanced Micro Resource’s forensics work is confidential, Rivera said investigations generally involve computer and cell phone evidence. Cases have ranged from high-profile sexual harassment complaints to murder investigations. Rivera conducts seminars for local attorneys to explain the potential uses of digital forensics.

The need for digital forensics services is not limited to the courtroom, however. Often when companies “lose” critical files or passwords, they turn to Advanced Micro Resource for data recovery help.

Rivera notes that his team of experienced analysts and technical professionals has a nearly 20-year record of delivering results for Advanced Micro Resource’s business clients. Plus, he always keeps an eye out for talented teachers and new security information technology program graduates.

Although Advanced Micro Resource is an established technology firm with a proven track record, the Bakersfield company is constantly updating and improving its business systems. Advanced Micro Resource is just one of many local professionals and entrepreneurs who are being helped by the Small Business Development Center at CSUB. The service center is one of five within the University of California, Merced, SBDC Regional Network, which is a partnership between the university and the U.S. Small Business Administration.

The center at CSUB assists entrepreneurs and small business owners in Kern, Mono and Inyo counties by providing free one-on-one consulting, small-business training and research. For more information, go to csub.edu/sbdc.

— Kelly Bearden is the director of the Small Business Development Center at Cal State Bakersfield.

Energy industry becomes cyber war battlefield

By | business-journal

U.S. energy facilities are increasingly being targeted by cybercriminals, according to a recent report released by government and private security officials. Just one agency, the Department of Homeland Security, reported a jump in cases with its investigators receiving reports of 59 significant cyber incidents occurring at U.S. energy facilities in 2016.

The agency handled 290 cybercrime incidents last year involving numerous industrial sites, including factories, power and chemical plants, refineries and nuclear facilities. Many of these incidents originated with “phishing emails” — emails sent by hackers that trick people into downloading virus-infected attachments or links. Many others came from “network probing” and “scanning” schemes.

Some viruses result from malware that was inflicted on systems years ago but keep spreading. Others result from increasingly sophisticated schemes that continue to be created.

In a study conducted in 2015 for Hewlett Packard Enterprise, the Ponemon Institute estimated cybercrimes are costing U.S. energy and utility companies about $12.8 million a year in lost business and damaged equipment. And the possibilities of catastrophic events being caused by cyberattacks are growing.

Consider the “mother of cyberattacks” that hit Saudi Aramco in 2012, when an employee opened a phishing email and released a computer virus. Files quickly began to disappear from the company’s computers. Telephones went dead. As staff desperately yanked cables out of equipment, computers shut down. In just a few hours, 35,000 computers were wiped or totally destroyed.

Saudi Aramco, which supplies 10 percent of the world’s oil, was unable to conduct business or communicate with customers. After about two weeks, the company had to give oil away for free to keep inventories from overflowing. It took five months for the company to come back online. A bigger disaster was averted because some of the company’s functions were not networked with the infected system.

The motivations for these attacks are many: nation-states waging war by attacking adversaries’ energy supplies and production; politically or ideologically driven groups advancing their causes; criminals seeking to steal data, divert production or extort money; and competing companies engaging in industrial sabotage or espionage.

Among the most common risks are plant shutdowns, equipment damage, utilities interruptions, production cycle shutdowns, product quality problems, undetected spills and safety breaches that result in injuries and death.

Imagine, for example, what would happen if a hacker changed critical settings that controlled the filling of a tank. A cybercriminal could engineer an explosion when the tank reached its maximum capacity.

Imagine what would happen if a hacker changed the temperature and pressure settings on a remote plant, triggering a shutdown and a time-wasting, expensive investigation.

Imagine if a hacker changed the oil stock information of a company to incorrectly indicate it had a much bigger inventory. When the demand exceeded supplies, the company could no longer service customers. Havoc would be inflicted on the company, oil prices and marketplace.

The number of cybercrimes occurring in the energy industry likely is underreported because many companies do not want to divulge their vulnerabilities. But companies are increasingly addressing these risks.

ABI Research, a technology market intelligence company, estimates oil and gas companies will be spending $1.87 billion on cyber security by 2018. Industry and government initiatives also are underway to develop standards and requirements for reporting breaches and improving security.

But there are immediate steps companies can take to protect their systems.

  • Make cyber-security a priority — from top management to line employees, as well as contractors. This includes investing in cybersecurity systems.
  • Understand vulnerabilities. Don’t assume any operation is safe from hackers. Network systems when it makes business sense. Create “firewalls” when possible.
  • Share security concerns with others in the industry. A “common enemy” should encourage common, timely solutions.
  • Disseminate sensitive information on a “need to know” basis. This should not create barriers for a company’s efficient operation. Rather it should be to minimize exposure to security breaches.
  • Educate the workforce. Train employees how to recognize hacking and other cyber intrusions, as well as how to prevent these crimes from occurring.

— Alphonso Rivera is the founder and CEO of Advanced Micro Resource, a Bakersfield-based digital forensic company that specializes in digital audits involving cell phone and computer evidence for attorneys, private investigators, human resources consultants and companies.

Call Now ButtonCALL NOW