Suspicious emails, lack of training, and weak passwords are some of the top causes of successful cyberattacks
The unprecedented COVID-19 pandemic hit the nation in a way no one could have anticipated. The surge of COVID-19 cases and deaths prompted many people to stay indoors and many businesses to operate primarily online and with the use of other technology to stay in business.
With this increased dependency on technology—including mobile phones, laptops, and other devices—there has also been an increase in cyberattacks that has impacted many businesses and individuals across the globe.
It was recently reported that Howard University experienced a ransomware cybersecurity attack in early September, which halted classes and impeded internet access. According to the University, no personal information was accessed by the cyber criminals, but it was a major attack that forced them to implement several steps to address it. According to University officials, students, faculty members and the administration were instructed to reset their email passwords in order to access their emails and utilize the internet.
One month prior to the cyberattack at Howard University, Port Houston—which is one of the nation’s largest ports—faced its own cyberattack in August. Fortunately, according to Port officials, the cyberattack had no impact on their operating systems.
In a statement released by Port Houston officials, they discussed their ability to successfully thwart the recent cyberattack, stating:
“The Port of Houston Authority (Port Houston) successfully defended itself against a cybersecurity attack in August. Port Houston followed its Facilities Security Plan in doing so, as guided under the Maritime Transportation Security Act (MTSA), and no operational data or systems were impacted as a result.”
Cybersecurity is one of the biggest threats to our overall quality of life across the globe, and these cyberattacks are real and becoming more frequent and sophisticated.
Because our overall dependency on the internet and mobile devices is increasing, it is also important for everyone to realize just how real and important cyber safety is going forward. There are countless cybercrimes being committed, and the number of people and businesses who are falling victim to these sophisticated cyber criminals is steadily increasing.
The need for all of us to utilize the internet in a safe and secure way is critical, as is the need for us to have confidence that our personal and business information will be safe when we use any form of technology. We are constantly browsing the internet, using mobile applications, paying bills online, inputting passwords, sharing personal information.
According to Retarus—a global IT and communications firm based in Munich, Germany—the overall cost of having our information compromised and of data breaches is on the rise.
- As of 2020, the average cost of a data breach was $3.86 million
- The average time to identify and contain a breach in 2020 was a staggering 280 days
- The average cost of downtime is 24 times higher than the average ransom amount
- The healthcare industry lost an estimated $25 billion to ransomware attacks in 2019
- Cybercrime is projected to cost the world $10.5 trillion annually by 2025
- In 2019, 60% of breaches exploited vulnerabilities for which a patch was available but not applied
- Phishing emails, lack of training, and weak passwords are some of the top causes of successful ransomware attacks
- Almost 50% of business PCs that got infected once in 2019 were re-infected within the same year
- Smaller organizations (1–250 employees) have the highest targeted malicious email rate at 1 in 323
- 66% of companies will be spending some of their increased budget to comply with laws and regulations – many of these companies complain that compliance mandates are a “distraction” from executing strategic plans
It is being projected that the number of internet-connected devices will increase from 35 billion devices in 2021 to 75 billion in 2025. People must be aware of ways to stay safe and secure.
According to Crime Stoppers of Houston, which is considered Houston’s top non-profit dedicated to public safety and solving and preventing serious crime in the Greater Houston Area, here are some cyber statistics you may not be aware of:
- 72 percent of Americans believe their accounts are secure with only usernames and passwords, yet every two seconds there is another victim of identity fraud. Your usernames and passwords are not enough to keep your accounts secure.
- 50 percent of American adults are worried about the amount of personal information about them online, while 47 percent said they were not confident they understood what would be done with their data once it was collected (National Cyber Security Alliance, January 12, 2017).
- Internet safety was the 4th most commonly identified “big problem”, up from #8 in 2014.
“If we can help people understand that anyone sending you a random email asking you to verify a charge or click an unknown link or provide personal information, that it is a red flag,” said Rania Mankarious, CEO of Crimestoppers of Houston. “If it is unsolicited and it comes to you and it seems odd because they are asking you for your personal information, do not proceed because 9 times out of 10, it is probably someone looking to scam you.”
Gregory Bledsoe, who serves as President & CEO of Chrysalis MSP, states that it is a good practice to avoid suspicious emails and to take proactive steps to avoid becoming a victim.
“One of the most common things we see, especially in business, is that passwords are hardly ever changed and tend to stay the same,” said Bledsoe. “You should also create passwords that are longer, and have different characters, have an extremely low likelihood of being compromised.”
According to Bledsoe, small businesses are low-hanging fruit because many of them don’t believe they are a likely target, and they operate very loosely, with no security systems and protocols in place.
“One of the most common practices that you can put into place to help with potentially avoiding a data breach is to change your passwords every 60 to 90 days,” said Tony Alberti, who works for Chrysalis MSP.
A few years ago, the Houston Forward Times became a victim of a cyberattack and had many of its critical documents and information hijacked by cyber criminals. They demanded a significant ransom and would not release the documents unless they were paid the ransom. Fortunately, most of the documents had been backed up on another server, but some were unable to be recovered after refusing to pay the hefty ransom.
It became a serious lesson learned, in that the Houston Forward Times chose to take the necessary steps to invest in cyber security prevention systems to prevent any future attacks from disrupting the day-to-day operations of this historic generational Black-owned publication.
It is important for everyone, whether business or personal, to be proactive and do what needs to be done to protect yourself from a cyberattack. If you must spend money or implement processes to protect yourself from a cyberattack, it is well worth the time and resources to avoid the headache and heartache associated with being a cyber victim. Plan and budget accordingly.