|Brent Cooper. Provided.|
We have a growing epidemic of cybercrime in this country. I’ve been working in I.T. my entire adult life and I can’t remember a time when cybersecurity was this bad. Thanks to ever increasing news stories about hacks, breaches, leaks and identity theft, most folks are aware that cybercrime exists, but we still aren’t talking about it the way we should.
This week Dave Hatter (Mayor of Fort Wright) and I travelled to Frankfort to speak with the House committee on Small Business & I.T. (Chaired by Rep. Diane St. Onge) to bring more attention to this issue.
At the airport, we hear the phrase, “If you see something, say something.” Years ago if we saw an unattended bag, we might not have said a word. Things are different now.
We need to have that same mentality with cybercrime.
So how bad is cybercrime today?
According to industry estimates, cybercrime attacks are continuing to increase 30%-40% each year. But the truth is, no one can say for sure because a large amount of attacks goes unreported.
According to Symantec, nearly half of all attacks are against small businesses.
At least four attacks on police departments have resulted in the police paying the criminals to have their data decrypted. When the police are paying criminals, you know it is very bad.
Why is cybercrime growing?
Because the criminals are getting paid and they can operate with impunity.
According to a recent Trend Micro report, nearly 2 thirds of those infected with Ransomware are paying the ransom.
The average ransom (in Bitcoin) is between $750-$800. For many, the ransom is just low enough that a small business might be willing to pay it rather than go through the time/hassle of doing a data restore.
Cisco Systems is projecting ransomware attacks will double this year.
Attacks are also increasing because you don’t have to be a skilled hacker to perform an attack. Criminals are now selling “Ransomware kits” online that make attacking a business an easy prospect.
Attacks from Russia, China, and a variety of other countries happen to small businesses on a daily basis, and there doesn’t appear to be any answer from state or federal officials.
What should businesses do to protect themselves?
Unfortunately, there isn’t a silver bullet. Proper security involves a multi-pronged approach. Firewalls, antivirus & anti-malware software, regular security updates, data encryption and dual authentication are all important components. Monitoring & testing data backups are critical.
Every business should regularly perform penetration tests and dedicate time to training employees about attacks, spam and phishing attacks in particular. Over 90% of attacks are coming in via e-mail.
Regardless of the security measures you have in place, every business owner should know this: No matter what you do you can still be hacked. Anyone who tells you “Just do these things and you’ll be safe” is misleading to you.
For that reason, everyone should have processes in place that monitor key aspects of the business and cyber incident response plans ready to go.
We need to go on offense!
Just like other epidemics, we need people to come out of the shadows and share their stories so elected officials can begin fighting on our behalf.
Until criminals and/or countries engaged in cybercrime face real consequences, attacks will continue to increase. These people need to be held accountable.
Let’s start treating cybercrime as an epidemic, and engage with the full attention and resources of our entire community. If we don’t, the criminals will continue to win.
Brent Cooper is President & owner of C-Forward, one of the top I.T. service firms in Ohio and Kentucky. He lives in Fort Thomas with his wife Lisa and his daughters Sydney and Emma.