Scott N. Schober is the President and CEO of Berkeley Varitronics Systems (BVS), a 48 year-old New Jersey-based privately held company and leading provider of advanced, world-class wireless test and cyber security solutions.
Scott is a highly sought-after author and expert for live security events, media appearances and commentary on the topics of ransomware, wireless threats, drone surveillance and hacking, cybersecurity for consumers and small business.
Mr. Schober is the CSO & Chief Media Commentator for Cybersecurity Ventures. He is often seen on ABCNews, Bloomberg TV, Al Jazeera America, CBS This Morning News, CNN, Fox Business and many more networks. He is the author of ‘Hacked Again’, ‘Cybersecurity is Everybody’s Business’, and ‘Senior Cyber’.
John Shegerian: This edition of the Impact Podcast is brought to you by ERI. ERI has a mission to protect people, the planet, and your privacy, and is the largest fully integrated IT and electronics asset disposition provider and cybersecurity-focused hardware destruction company in the United States and maybe even the world. For more information on how ERI can help your business properly dispose of outdated electronic hardware devices, please visit eridirect.com.
John: Welcome to another edition of the Impact Podcast. This is a very special edition because we are welcoming back my good friend Scott Schober. Welcome back to the Impact Podcast, Scott.
Scott Schober: Hey, it’s great to be back, John. Thanks for having me again.
John: Oh, yeah. And you know, even though you are in New Jersey today and I am in California, it is nice because we are friends and we are in the same industry really in so many ways, so we get to feel like we are almost in the same room. So, it is just great to see you. Technology really does work when it works this well, so thanks for joining again.
Scott: Great to be here and you are right. Cybersecurity seems to really now touch all our lives, touch all of our businesses, especially with this COVID problem. Working remotely all of us and being on Zoom and whatever it takes, we have to be careful and keep things secure and keep our company’s information protected.
John: For our listeners and viewers and readers who haven’t had the chance to get to know you yet as the president and CEO of Berkeley Varitronics Systems and also as an author and cyber expert. And we are going to be talking about your new book today. We talked about your last book on the last episode. But before we get to all that stuff, share a little bit about your background, your family’s background, your pap, your brother, and how you guys came to do what you do, and now why you are really running one of the most important companies to keep us safe not only in the United States but around the world.
Scott: Yeah, absolutely. It is kind of a unique situation where a small family business which you just don’t hear a whole lot about it anymore. So, I am very proud of that to carry that on. We are celebrating. It is our 48th year going into 49.
John: Wow.
Scott: So almost 50 years in business. It was founded by my father, Gary Schober. He also had his partner, his father Bill Schober, was part of the company a long time ago. He has since passed away, which I talked about in this book, Senior Cyber, a little bit. He was 99 years old, just a short of his hundredth birthday. He was a technologist. My father is really a self-taught. I call him a genius who knows technology. He is like Steve Jobs or many other innovators. A Musk or anyone else that comes to mind. He has got that unique uncanny ability to look at a complex problem and finding a solution. That really was the birth of our company. Berkeley Varitronics Systems was founded in Berkeley Heights, New Jersey, not far from the Bell Labs headquarters there, where it is really a think tank of engineers. Companies would come to us over the years and bring us a problem. We would craft and design a unique niche solution that solved their complex problem, and then hopefully it led to production and follow-up orders. It spans a lot of different industries. But primarily, we focus on wireless technology and a lot of the spin-offs of that security implication, keeping our companies’ computers and everything on the network safe from hackers that are trying to pry and get in. So that is kind of the backstory in what brought us up to where we are today. A lot of heavy focus now on wireless threat detection tools to stop cell phones, Wi-Fi, Bluetooth coming in to secure DoD facilities anywhere where classified information is or confidential information is. Our tools are used to keep that area safe. A lot of cybersecurity plays into that and educating people. So, it is my mission to educate people, business owners, consumers, even seniors. With my recent book Senior Cyber, I am trying to get the message out there and keep people safe.
John: I love it, and we are going to talk about it. We are going to get to Senior Cyber in a second. Who are your typical clients? Is it large corporations, small corporations, government entities, or all of the above?
Scott: Yeah, a little bit of all the above. More of a focus toward the government agency. So the common acronyms that we may hear, the FBI, the Secret Service, the CIA, many DoD branches globally that we are selling to where they are, again, guarding that classified confidential information to keep the nation safe. But also a lot of other businesses. These could be companies working with the government. It could be universities. It could even be small businesses. A lot of small businesses are using our tools to keep their company safe, so they are not compromised with their credit card, skimming devices, and a whole slew of offerings that we make to keep the wireless aspect secure for them.
John: Wow. That is awesome. So now let’s get to your new book. I mean, you are prolific. You are an author. Is this your third book? Am I right?
Scott: Yes, this is my third book. My first book was Hacked Again. It is about the story of my company being targeted, myself personally being targeted and hacked repeatedly, and all the misfortunes and mistakes that I made that I share with the reader so they don’t go down the same path and make the same mistakes that I made. And as I did that and educated people, I learned this problem is now widening out. It is not just cybersecurity people that are being targeted. It is everybody. It is all of us that have credit cards and small businesses and whatever that we have that they can get in and steal our personal information. So it has really become everybody’s business. And hence, the genesis of Cybersecurity is Everybody’s Business was my second book. I identify the niche area, dealing with my parents, helping them with friends. My grandfather is I shared throughout Senior Cyber.
There is an area of untapped education and that is often overlooked in that Senior. So, perhaps somebody that is my age where they have aging parents that still are active using technology, the internet, smartphones, they need some help and guidance and hopefully being bold and empowered a little bit that they can use technology for good and not live in fear of scammers and hackers. That is really what was the genesis of getting Senior Cyber written. I blew the font up a little bit. My eyes are getting a little bit soft and difficult to see. And I think the senior audience appreciates that, too. It is an easy read. It is not deep-dive technical or bearing acronyms. It is hopefully relatable things that as you grew up in your generation that you could understand a little bit better and relate to and use technology for good and not be in fear.
John: So I read your book. I love it. Of course, this is a topic that is near and dear to my heart. So let’s go into it. We now know why you wrote it. I mean, cybercrime is on the rise. If I am not wrong Scott or if I am close to the truth, $3 trillion, the bad guys got away within 2015, $6 trillion in 2020. The trend seems to keep rising. So you are in an industry that solely needed for your skillset, and the information that you have put forward is solely needed. What can seniors do to protect themselves? What are some of the greatest hits of information that are in this book that people should be learning about?
Scott: Yeah, it is a great point. It is ludicrous how the scams are rising, how much money is being stolen, and especially towards seniors. I should point out first. Maybe I kind of asked myself this question, why senior? Why would seniors be targeted? Well, there is a huge population of seniors. Number one throughout the United States, especially the Baby Boomers and many seniors that are still using technology actively. And as they are doing it, they are not always that comfortable. And what are they falling for? It is the very common things that you and I talked about, other people talk about. Phishing scams that are toward the top of the list, and they are often catered toward a senior to have them give in from an emotional aspect. It is something like a scam with the vaccine. They may receive an email and it says register here to get your vaccine for COVID and they are thinking, “Oh, wow. I am waiting for this. I am waiting for my doctor or someone to reach out to me.” Just click here. They click there. It redirects them to another website and asks them for some personal information. And that is the beginning of the scam as they start to siphon this information where they could then try to take out credit in their name.
They could try to attack their bank account or some other scam that they are trying to orchestrate. So phishing scams are really scary. And again, they are targeting that group of seniors facing the emotional issues. And oftentimes seniors tend to have a little bit more disposable income. They have a little more time on their hands. They tend to be a little bit more trusting. So if you think about all those facts, what happens they may be a little bit more likely to give in. The same is true with phone scams. And especially this time of year John, you think about the IRS we are filing. People are e-filing. They are encouraged to thinking about stimulus. They are thinking about getting their refund. Well, guess what? Hackers are going to be very busy in the next few months trying to, again, target seniors. So seniors got to be very careful if they receive a phone call asking them for confidential information, somebody claiming to be from the IRS, and email again with a phishing attack claiming to be from the IRS. Just click here and enter this information. So, a lot of this is more cautionary type of information. So seniors don’t go to the next step. They stopped. They investigate. And then they ask a trusted family member or they pick the phone up and call to verify and to make sure something is not a scam, so they are not duped out of their financial savings.
John: The COVID issue, it is just like you said, exposes us to these scammers. Is it because scammers in the cyber world are looking for soft spots? And the anxiety and the confusion that this has created, that COVID has created, has then opened up more soft spots for them to take advantage of? Socially speaking, has that become really what is going on here?
Scott: Yeah. Absolutely. In fact, case in point, about two weeks ago I was up at my parents’ house helping them out with some things, and as I mentioned they are having some health challenges and so on and so forth. We were talking about the vaccine and when are you going to get it or waiting for a phone call or email or something. And right then the phone rang, my father picked up, and he was, “Oh, somebody is calling about the vaccine. Hold on. Let me give him our names.” And I was like, “Stop. Stop. Wait a second.” And sure enough, it was a scammer. And when he hung up he was mad and does, “What is going on? How could these people be so ridiculous where they actually target seniors and fool them because I was so focused on the vaccine and getting it? I am not even thinking about being scammed.” And that is the point. We have to slow down, stop, and really investigate the phone call, the email, the text message that we get, the letter in the mail. Whatever means they are using to get to us, we have to be careful. Family members, I think also with this book. When they are reading and hopefully, it will empower them to step up a little bit and have those good conversations with your aging parents so you could talk about things. Because sometimes when you become a victim, you are embarrassed.
When my company was hacked, I was embarrassed. I don’t want to tell anybody about it. Finally, it was a story that broke on Associated Press. They wrote a whole lot of tutorial about it, and I shared the information in hopes that other people won’t go down the path I went. But seniors sometimes are a little bit private. They may not want to show that they gave in or they made a mistake. They gave the credit card information over the phone. They are embarrassed and they may be a little bit prideful. And that is okay, but if a family members have that conversation with them, “Hey Mom. Hey Dad, if you do get a phone call before you give any information, jot some information down. Ask them their name. Ask for the phone number in case we get cuddled. A little bit of investigative work and then say I will call you back and then give me a buzz.” In that way, it kind of slows the chain down and now it is usually the scammers that are trying to make the time that this is of the essence. You got to give me this information. You can lose your chance to get the vaccine. You are going to miss out on this lottery prize, whatever the scam is. So if they make it seem too good to be true and they got to react quickly, that the flag should go up there. So have that conversation with your aging parents so you can tell them to slow down and let us discuss this together just to make sure you are not duped.
John: Scott, this book, I read the book. And for our listeners out there, I highly recommend it. Read it. If you have a parent that is aging, read it yourself and share the information with your parent or give it as a gift to your parent. This is just a great book. I learned a lot from it. The great thing about it, what you do is you give so many real-life examples in it so it becomes very understandable to see how we can all get duped. All of us. It doesn’t matter what age. Frankly speaking, I am 58 years old and I learned a lot like how to better protect myself here. Talk a little bit about debit cards, credit cards, gas pumps, and ATMs. How can all of us, but especially seniors, but all of us protect ourselves better at those critical junctures that are being exploited all the time?
Scott: Yeah, it is a great point. It is something I learned too in just even the past years of doing my research. When I go to the gas pump, I am so used to it and so accustomed. Just take out the credit card and pay via credit card. The big fear we have to be careful of, the millions of gas pumps throughout the United States, there are skimmers that are put in there. They either slid down in the neck of the actual pinpoint of sale terminal or their Bluetooth scammers that are put inside the gas pumps that you cannot even see. So when your credit card goes in, the transactional go through. You pay $20 or $30 in gas, but at the same time they are copying your CVD data, your credit card data, that number, the expiration date. Hackers will then wirelessly transmit that to their laptop. They will sit 75 or 100 feet away from that gas pump and will get hundreds of stolen credit cards from each gas pump. Every day the average gas pump with a skimmer in it, it is about a $116,000 that is actually accumulated before we would actually find the skimmer. That is the estimate which relates to what billions of dollars in stolen credit cards just at the gas pump alone. That is scary.
What can we do? There are a couple of common sense things that we could do. Not everybody likes it. But we always often trade convenience for security, security for convenience. I paid cash at the gas pump. Why? They can’t do anything. You pay them cash. You don’t get your credit card skimmed. The laws for protecting credit cards at the gas pump are not there yet. They haven’t forced the petroleum industry to upgrade, to have more secure chip-and-pin technology. We think about it. We said, “Well, no, my credit cards got chip-and-pin on it, Scott.” Sure it does. But what are you doing? Your credit card slides in and it still has that mag stripe on the back of it. So as long as you have a mag stripe on the back of your credit card, you can be a victim. With a skimmer, it just reads that credit card data author. It is not secure. It is decades-old technology that is insecure. So use cash at the pump. You are much safer.
It is a little better at an ATM machine. Why? Because you have an additional layer of security besides cameras and lights and things like that. You have to enter in a pin code. So you kind of think of that as multi-factor authentication or two-factor authentication. Another layer of security. And of course, if you are going to be using an ATM, use your hand to cover up if you are going to enter your PIN code so that in case they put a pinhole camera, they can’t see what you actually type in. The cyber thieves are embedding that in little plastic bezels all around the ATM machines so they could steal that information as well as sticking skimmers inside the ATM. Not as prevalent as the gas pump. They go for the easy hacks first. They are going to fill up all these gas pumps with thousands and thousands of skimmers, steal our cards until they are upgraded. Once they are upgraded, then they are going to migrate to another hack. So just using common sense and caution there. I personally minimize the use and try not to use an ATM. I would rather wait till the weekend, go into the bank and take out some cash. Keep that in my wallet. Keep that in a safe locked away, and use cash as much as I can to minimize the chance of being a victim with a debit card or credit card.
John: Scott, when you read the newspaper, every other day there is another breach. Home Depot, Sony, Marriott, the list goes on of these really wonderful brands that we all come to love and use and enjoy their services and their goods that they sell. But they are breached and they have massive losses of information, of capital sometimes, of goodwill we know. If they can’t protect themselves from the bad guys, how can we as small business owners or entrepreneurs protect our businesses in America or even our households? Are we all that much of a risk and they are going to get us regardless of what we do?
Scott: John, you make a great point. Nothing is a hundred percent secure, and I often thought about that too. If you look at JP Morgan got hacked years ago and they spent $500 million. They committed after that hack $500 million to keep it secure. That is one of the most secure banks in the world. You don’t hear about them getting hacked now because they spent the right money in the right areas.
John: Right.
Scott: Sometimes we hear about these in the headlines. Home Depot, they target someone and so forth. After the fact though, they instill good security. So the same is true about us. The onus is on us to protect our own personal data. What do we sometimes do that causes weaknesses in the chain? Well, poor password management. That is a huge problem. Look at password reuse. More than 50% of users around the globe still after all the preaching I have done and everyone else in the industry not to ever reuse the same password on multiple platforms. What does that mean? When we go on to whatever it is, our Facebook account, that password should not be the same password as our online banking password. Why? Because if and when Facebook is compromised and that password is obtained by a hacker and sold on the dark web to the masses, the highest bidder, they take that password and they put it into automated software that then goes out to every bank site, every social media app, every stock exchange program, and tries that same password to see if somebody ever used it on multiple platforms. That is how they really get in easily to so many different accounts. Then they change the password, take over our account, siphon the money out, sell the information. The problem goes on and on and on. So, a unique long and strong password for every single account is key. Easy to remember? No. If it is a common word in the dictionary, it is a bad password. If it is a short five or six, even eight-letter, numeric password, it is not strong enough. I always use 15 characters, numbers, uppercase, lowercase, and symbols to make a password.
John: So Scott, you are saying human nature, and this goes for me too, want to use same password so we remember it and we could use it for all the different things that we get to enjoy. Our Netflix account or Facebook account or Bank of America account. But that is absolutely runs counter to how to protect ourselves. So we should maintain a little written book that travels with us where we write down what we have created for each of these different entities and platforms and use that to keep ourselves safer.
Scott: Yeah, and that is exactly what I do. I do a combination of things. So I actually have a little black book, and then I issue before layers of security. So I write down when the password was created. Long and strong obscure password, which is a pain to do, but I do it. And I keep that locked in a safe, locked in an office, locked in a building with alarm cameras on and so forth. So again, layers of security so nobody gets my passwords. At the same time, a good password manager is worth using once your passwords get up to a certain point. More than about 25 password, that is really hard to manage. There is a lot of great password managers out there which are really applications where you need one single master password to get in and then you have access to all of your secure passwords. I use Dashlane. It is a great program. Easy to use. It is affordable. And there is a lot of other good ones out there. So, I don’t want to knock any one company, but you really want to take some time to evaluate, read some of the reviews about password managers. It is worth getting one if you have a lot of passwords that you manage. That way you have a unique, distinct password for every login, every account that you have. It is a pain in the butt. It does take time. But that is life, because that is what the hackers have done. They made a hard life. It is very difficult. So let’s make their lives even more difficult so they can not access and get our private information.
John: You know, Scott has a macro issue. GDPR got past May 2018, and it has come to America in a very meaningful way. There is Federal Legislation that hasn’t gone past yet, but they are kicking it around and something will get passed. But the states have taken upon themselves to now create more privacy and data protection laws to protect the consumers that mimic GDPR than ever before. Four states already have them passed. Every state has some form of legislation going. How is that good for us, and how should we be thinking about our data going forward? Whatever is on our cell phone or tablet’s, on all of our devices. And given that internet of things is exploding and we are all wearing wearables, we are driving EV cars that have become computers on wheels. We have Nest, Alexa, and Ring in our house. How do we now not lose our minds but also be very, very sensitive to these issues?
Scott: Yeah, it is a fabulous question. I talked about this often and I encourage a couple things. A lot of it is just more cautionary things. When we talk about the world of IoT, the Internet of Things, in our smart homes, smart cars, smart lives with all our wearables, be cautious not to just buy the latest and greatest. Why? Because they are oftentimes low-cost consumer-related devices and the security is not necessarily built-in at the development start estate. So what happens is it gets out to the market and then they say, “Oh geez, we just discovered there was a vulnerability in this.” And they don’t have a way to upload the firmware to add a security patch to solve the problem. When our computer has a problem, what happens is we upgrade our iOS or operating system from Microsoft or whatever platform that we are using to take care of the security vulnerabilities on a regular basis as well as applications on our smartphone or laptop, whatever. It is hard to do that on an IoT type of device. So, be cautious before you start plugging all these different things in.
Now again, the newer devices, they are getting better and better. I have to say I do use some of them myself. I use a Nest. I use Wyze Cameras. I am using some of the intelligent digital assistants now that are coming into the homes. The Alexa’s of the world and Google’s. So, these things are good, but just use caution when you set them up. Long and strong passwords. Make sure that again, it is tied into your Wi-Fi network with a long and strong password. WPA2 encryption is there. You are not using default passwords out of the box, which a lot of people still. I make it my goal every time I travel anywhere. I go into a neighborhood. I am on a business trip. I always scan to see what are open Wi-Fi access points and I always find at least one. And I kind of laugh and say, well, some people just don’t get it yet and they leave things open. It is not secure. Default passwords, easy to hack in. So, take the time when you are setting up those devices. And that way, to your point, it will protect us in this world of big data out there.
And one other point I should add is to be careful not to be too quick to use free email. If you are just sending general correspondence and things, a Gmail account and Yahoo account, that is okay. But oftentimes we are trading. We are getting free email. Why is it free? Because they are reading and have access to the content of that email and they do get breached and compromised. Look at what happened to Yahoo. Every user that used Yahoo, well, your email was compromised. The content of that email was compromised. So people have access if we are putting credit card numbers, banking information, codes, pins, Social Security numbers, whatever. It is not really private. It is not confidential, and it is out there to the public. So use caution. It is okay to pay for an email service and a provider if it gives you more security, even if it cost a little bit of money. With the point about smartphones, we are all using that. Be careful not to download every app. Some things are great. You want to download Candy Crush and play with it, but guess what? If you haven’t played with it in a month or two, guess what? Get rid of it. There is no need to keep it on your device.
John: Right.
Scott: That I always share with people. The average mobile phone user in the United States, if you have to read the terms and conditions that you agree to download those apps on your phone, would take you three months just to read them. Yet you agreed to those. Did anybody actually read all those terms and conditions? No. And yet what do they say? They have access to your contacts on your phone, Geo locations where your pictures are taken, what you entered in the browser and the search engine on your phone. You are giving them permission to see that information and of course they are abusing that and selling that through the app. So the apps, they will give you oftentimes for free. Why? They are trading you, taking away your privacy and your personal information because it is all for sale. So again, good housekeeping is necessary on our smart devices to get rid of stuff declutter that we are not actively using.
John: Beyond this great book Senior Cyber, and again, Mother’s Day and Father’s Day is coming up. I urge our listeners and our readers and our viewers, buy this book. Give it to your mother, your father. Give it to a senior that needs it. Learn a lot from it yourself. I read it in one night. I learned so much from it. Beyond this great book, which you can find on amazon.com obviously and other great booksellers. Scott, I know you do a lot of other great work. Share a little bit about what you did at Berkeley recently and saving a gentleman’s life in a snow avalanche. I think in the Swiss Alps or somewhere in France or something. It just a great story and I want you to explain how far and wide security is and how your business touches people’s lives and makes an impact on a daily and regular basis.
Scott: Yeah. Absolutely. And we are super proud of it. We develop a device that is called the Wolfhound-PRO. It is a cell phone detector. It looks for cell phone signals that are transmitted out of our mobile phone, and it is coupled to a direction-finding antenna. And what happened in this story and it is a true story and it is a recent story, just happened a few weeks ago. There was a family traveling along the base of some mountains in Val d’Isère area of France, and there was a huge avalanche that happened. The mother and two children got away safely, but the man, the father, actually got trapped. Two and a half meters of snow on top of him, which is several tons. Fortunately, he was by a tree and I can see kind of huddled near the tree and it formed a little bit of an air pocket so at least he could breathe. Right away that the villagers panicked, and they saw what happened and they knew that he was trapped and the mother and the kids were panicking. So they form a quick search team, and search-and-rescue was called in with local law enforcement. They had a team of about 130 people. And what they do is, if you are familiar with that or you may have seen it on videos or whatever. They form a line for search-and-rescue. And they get some poles to poke through to see if they could find perhaps where this man might be before he can’t breathe anymore and gets crushed from the snow.
So 130 people, they form this huge line. They go over the area. They couldn’t find him. They brought out search dogs. Unfortunately, he was buried so deep that the dogs can’t pick up the scent through the depth of the snow and the moisture. Well, there was somebody on search-and-rescue that happens to have our tool, the Wolfhound-PRO. He pulled it out and all of a sudden he started scanning and he sees on the screen the signal strength intensity and he sees the man’s phone pinging that is trapped beneath the snow. And he said, “Guys, come on back here. I got a ping right here.” The area they just searched and walked over. They frantically dig. And it was approximately 2 hours and 50 minutes later from when the avalanche happened, they got to the guy. Dug him out, rushed him to the emergency. The next thing, he survived with just minor scrapes and bruises and he is alive today. And they credited it to the miracle of the Wolfhound-PRO which we were so blessed and privileged to be able to hear that story and then see that our tool is used to actually qualify and save a life which just makes you feel good that technology I find often is misused by cybercriminals and hackers and people just doing bad stuff. It is nice when technology can actually be used for good and it saves lives. It makes you feel great.
John: That is awesome. And that is why I have you always on this show and you are always welcome back here, Scott.
Scott: I appreciate it.
John: Because you always make an impact on our listeners and our viewers. Your tools are important. Your books are really important. Your information. This is one of the biggest issues in the world today. Cybersecurity, data security, protecting yourself, your business, the Entity you work for. In this situation, Senior Cyber, you get to protect your parents. Who is more important than your parents and your children? So, Mother’s Day is coming up. Father’s Day is coming up. Get this book, Senior Cyber. Scott, I am so grateful to you for making the impacts that you make. You are always a welcomed guest on the Impact Podcast. Thank you for making the world a better and safer place. I can’t wait to have you back on again, my friend.
Scott: All right. Thank you again so much for your kindness there, John. Keep up the great work you are doing too. I appreciate it.
John: This edition of the Impact Podcast is brought to you by Trajectory Energy Partners. Trajectory Energy Partners brings together landowners, electricity users, and communities to develop solar energy projects with strong local support. For more information on how Trajectory is leading the Solar Revolution, please visit trajectoryenergy.com.