As events continue to unfold across the Atlantic, many are worried about what could happen here at home, especially when it comes to cybersecurity.
“There’s so much need for cybersecurity, whether it be for that mom and pop dentist office or that Fortune 500 company,” said Andrew Carr of Utica University. “Ransomware groups have gotten far more aggressive in recent years and far more organized.”
Carr is the director of graduate cybersecurity programs at Utica University. He's teaching the next generation of defensive-tech minds.
“I spent the last three and a half years in the industry in instant response,” he added. “So investigating ransomware incidents, business email compromise, network intrusions; everything you could could think of.”
Carr says with major national and global events come opportunities for cyber-criminals to catch people at their most vulnerable.
“We saw attacks like the JBS foods and Colonial Pipeline last year. Those had significant impacts on our supply chain. We could see things like that happening again,” said Carr.
When you hear the word "cyberattack," some immediately think of Russia as the boogeyman and Carr says they're right to, but he's not under the impression that Putin and company will be turning their eyes west unless their war leaves Ukraine.
Though if it does..
“Obviously, we don't want to involve nuclear weapons, but we can do a lot of damage with a keyboard,” said Carr.
In any case, with the state, nation and globe as they are...
“We're likely to see as a result of everything that's going on in society right now an increase in attacks, any organization in the world with enough time and effort can be hacked,” said Carr.
As cyber attacks have developed over the years, so has their price tag.
“The average cost of a data breach is up to $5 million," said Carr.
That could potentially only be half of it.
“There's the forensic investigation, the lawyers that you have to assemble from it, the business interruption costs; think industries like manufacturing or services,” said Carr. “If they're down for two weeks, what kind of losses have they experienced as a result of this beyond just the ransom?”
Carr, with a wealth of knowledge in this field, says the biggest hit are usually those in the "middle market," meaning those Mom and Pop's and businesses between 500 and 1,000 employees.
“People would think that they're not a target, right? They don't have huge revenues. They're not really on the map of these people,” added Carr. “Unfortunately, it's the exact opposite. They do have access to a large wealth of information that is very sensitive. You know, health records, PII, credit card information, those types of things are available, so they are right for the picking, if you will, from these criminals.”
Worse still, Carr says most attacks are not a fringe basement cell, but massive organization with call centers and infrastructure. They know exactly what they're doing.
“They're looking for insurance policies. They're looking for the limits on your insurance policies. They're looking to see your disaster recovery plans and your instant response plans. They want to know how you will react to these,” said Carr.
So what happens when attacks occur? Unfortunately, we don't have the clearest picture.
“A lot of the ransomware events go unreported because people don't accurately assess their notification obligations,” said Carr. “They want to sweep it under the rug if you will, and if they can pay the sum of money they just want to go about their day.”
But as you hear all of this, the key is not to panic, but take steps on personal and organizational levels to be ready.
“Many things like multi-factor authentication, having penetration tests done to identify vulnerabilities and weaknesses in your environment. Not all attacks can be prevented, nor will they be, but making yourself a difficult target will hopefully get you passed over and they'll move on to the next easy target.”