The FBI and the growing threat of cyberattacks on Boston's startups

April 4, 2014

Sara Castellanos

Bit9 specializes in developing state-of-the-art security programs, but that didn’t prevent hackers from gaining access to unprotected computers at the company a year ago to spread malicious software.

The Waltham firm described the attack as an “operational oversight.” But it also served as an embarrassing reminder that all businesses connected to the Internet, no matter their size or industry, are susceptible to cyber attacks.

“The fact that this happened — even to us — shows that the threat from malicious actors is very real, extremely sophisticated, and that all of us must be vigilant,” Bit9 CEO Patrick Morley wrote in a blog post at the time.

Federal officials and IT-security industry executives are worried that more attacks like the Bit9 hack could be coming soon. They say cyber attacks are posing an increasing threat to small and midsized firms. Many are at risk because they have less money and time to spend on IT security. Startups are also susceptible because they’re often so focused on getting their products and services to market that they might miss the need to properly shield themselves from cyber threats.

The FBI has identified Boston as one of the top cities with a vast amount of potential targets for cyber attackers because of the breadth of research and innovation being conducted at top universities and the hundreds of startups based here.

Some experts call it the “perfect storm of insecurity,” said Lee Weiner, senior vice president of products and engineering for Boston-based security software firm Rapid7. “The economics for the attacker have never been better, and the market for stolen data is very good for the attacker,” he said.