Listen: Local Leaders Warn Frankfort (and You) of Cyber Crime Epidemic
Ft. Wright mayor Dave Hatter and C-Forward president Brent Cooper went to Frankfort to highlight concerns about the growing cyber crime epidemic. They joined RCN's Michael Monks to discuss it.
The following text in an op-ed written by Brent Cooper
We have a growing epidemic of cybercrime in this country. I’ve been working in I.T. my entire adult life, and I can’t remember a time when cyber security was this bad. Thanks to ever increasing news stories about hacks, breaches, leaks and identity theft, most folks are aware that cyber crime exists, but we still aren’t talking about it the way we should.
This week Dave Hatter, mayor of Ft. Wright, and I traveled to Frankfort to speak with the House committee on Small Business & I.T. (chaired by Rep. Diane St. Onge, Republican of Lakeside Park) to bring more attention to this issue.
Just like with other epidemics, the first thing we need to do is inform people of the impact and severity of the problem and then work hard to maintain awareness of the issue, which is difficult because the technology and the attacks change rapidly.
At the airport, we hear the phrase, “If you see something, say something.” Years ago, if we saw an unattended bag, we might not have said a word. Things are different now.
We need to have that same mentality with cyber crime.
Our citizens need to be constantly educated on the various scams and attacks, and best practices for protecting themselves.
So how bad is cyber crime today?
Industry estimates reported new cyber attacks rose to 140 million in 2014, which increased to 250 million in 2015. But those are just estimates and probably on the low side. The truth is, no one can say for sure because a large amount of attacks go unreported and even when reported, may take years to detect. Regardless of what estimates you believe, various reports from around the country generally confirm what we’ve seen here in our community: Cyber crime attacks are continuing to increase 30 to 40 percent each year.
Cisco Systems just released a report that projects ransomware attacks this year will double.
We’ve heard about attacks on government, retail, schools and health care facilities, but rarely do we hear about the attacks on small businesses. According to Symantec, nearly half of all attacks are against small businesses. Most small businesses keep the fact that they were attacked a secret.
But the truth is, everyone is a potential target.
At least four attacks on police departments have resulted in the police paying the criminals to have their data decrypted. When the police are paying criminals, you know it is very bad.
Why is cyber crime growing?
Because the criminals are getting paid, they operate with impunity, and our government is focused on other issues.
According to a recent Trend Micro report, nearly two-thirds of those infected with Ransomware are paying the ransom. That is up from previous estimates of 30 to 40 percent. The average ransom (in Bitcoin) is between $750 and $800. For many, the ransom is just low enough that a small business might be willing to pay it rather than go through the time/hassle of doing a data restore.
But the ransom for big organizations can be much larger. In the past six months we’ve seen highly publicized cases where hospitals and schools paid ransoms above $10,000 and $20,000.
Attacks are also increasing because you don’t have to be a trained hacker to perform an attack. Criminals are now selling “Ransomware kits” online that make attacking a business an easy prospect.
Most of the elected officials I’ve spoken with have no idea how vulnerable the country really is, or that the public agencies we trust to arrest criminals are largely unable to help due to the sheer number of attacks, and the lack of resources to investigate and prosecute criminals.
Attacks from Russia, China, and a variety of other countries happen to small businesses on a daily basis. Swing by any local I.T. services company and they can show you how many attacks come through each second. You will likely be shocked.
What should businesses do to protect themselves?
In addition to firewalls, antivirus, and anti-malware software, and installing security updates, everyone should be using data encryption and dual authentication methods whenever possible. It is also critical that data backups be monitored and regularly tested to ensure that any disaster recovery plans will work.
Finally, every business should be dedicating time to training employees about attacks, spam, and phishing, in particular. Over 90 percent of attacks are coming in via e-mail.
And every business owner should also know this: You can implement every reasonable security measure and still be hacked.
Anyone that tells you “Just do these things and you’ll be safe”, is misleading you.
So having processes in place that monitor all key aspects of the business is critical. It is also important to have a plan for responding to a security breach.
We need to go on offense!
Most businesses don’t go to the authorities when they are hacked, either because they are embarrassed that they fell for a scam and/or clicked on something they shouldn’t, or because they have a lack of confidence that the police can help.
How sad is that? Think of any other crime where your business was hijacked, and you don’t even call the police for help?
Even if you invest time and money to identify the criminal in China attacking your business, it is very difficult, if not impossible, to get someone to arrest them.
Just like other epidemics, that needs to change.
Until criminals and/or countries engaged in cyber crime face real consequences, attacks will continue to increase. These people need to be held accountable.
Chances are that you know someone who has been attacked. We need victims to share their stories with our elected officials so that they can better understand the scope of the problem and help others avoid the same issue.
Until we start treating cyber crime as an epidemic, and engage with the full attention and resources of our entire community, the risks will continue to grow and the criminals will continue to win.
Photo: Northern Kentucky Chamber of Commerce president Trey Grayson, Brent Cooper, Rep. St. Onge, and Mayor Hatter in Frankfort (provided)