Friday marks the start of Cybersecurity Awareness Month in October.
Ever since COVID-19 forced everyone into the virtual realm for work and school, the risks of cyberattacks have continued to spiral out of control.
“I’m here to tell you the severity and frequency of these attacks is really off the hook. It just is,” said Robert Anderson, CEO of Dallas-based cybersecurity firm Cyber Defense Labs.
Anderson watched technology evolve during the 20 years he spent with the FBI. He led the Criminal, Cyber, Response and Services Branch as an executive assistant director at headquarters, overseeing all of its criminal and cyber investigations worldwide.
“We fought a war on terror. And I’m here to tell you there should be a war on cyber. It’s that global and it’s that big," he said.
He said cyberattacks have skyrocketed in the last 18 months all over the country, with companies reporting a huge increase in breaches and cyber threats.
“Years ago, for a bad guy to hurt you, he had to touch you. They had to be around you," he said. "And over the last five to 10 years, technology, the dark web and everything else that’s going on with cyber, it’s really opened it up for bad guys to attack people all over the country."
At one point during the pandemic, Texas ranked 2nd in the country with the most remote workers. Some even think work from home is here to stay in some capacity.
So that means company hardware is staying out of the office and in people's homes, where it's harder to protect.
“It’s offering more vulnerabilities in areas for people to allow access in the system that they might not have had before,” said Anderson. “They take advantage of situations like this, especially people that are in a virtual environment – it’s easier to get into the system that way.”
Texas school districts are getting hit. There was the Colonial Pipeline ransomware attack in April that led to gas shortages, and last fall's cyberattack on Texas hospitals during the national breach.
Anderson said these cyberattacks are escalating because cybercriminals are exploiting weaknesses during the pandemic.
“I don’t think people understand the severity of what’s actually going on across the country. Large scale companies can afford robust information security programs and they can hire who they want to hire to protect them,” he explained. “But the small mom and pop companies, mid-market companies across the country – they can’t afford a multi-million dollar breach or can’t afford redundancy and data resilience. They really need help."
Cyber Defense Labs is assisting companies in this age of ransomware, phishing and hacking. They do proactive work before a breach like risk assessments and data resilience. They also handle any type of incident response to a breach for clients and then follow up with service technology to prevent an attack from happening again.
Anderson stressed the importance of federal leaders considering funding and staffing to assist companies and smaller businesses hit by cyberattacks, as the threats increase with evolving tech. Organizations in countries like China and Russia, which have played a role in major cyberattacks in recent years, should be of key concern for the business community, he said.
"The trouble with China and Russia, you’ve got a guy like me who retired out of the FBI -- I come and work at a private sector company and I’m abiding by the law. In Russia and China, guys like me retire and they start criminal organizations and they start attacking other countries," Anderson explained. "They don’t always have the weight of the law hanging over their head. So they can reach back into the intelligence organizations that they worked for. You can’t do that here in the United States."
Anderson shared a few tips for those workers and companies continuing remote work:
Protect Passwords: Require multi-factor authentication for your employee logins. Most software programs and vendors will give you the option of requiring it. Also, insist that your employees use unique and complex passwords. Again, it seems simple, but stolen or compromised passwords are the mechanism used in up to 61% of breaches, according to a 2021 Verizon data breach investigation. Store passwords securely – don’t make it easy for hackers to get to them. Establish policies that prohibit employees from saving administrative passwords in emails or in files on desktops.
Do a Security Assessment: With more companies moving to the cloud and adopting new technologies, security controls are often overlooked. Simply taking the time to find out if you are using the security features you already have, and have them configured correctly, can go a long way. Also, make sure that you have the appropriate backups in place and that they are segmented and safe.
Incident Response Planning: Do you know how you would react if you were faced with a breach or ransomware attack today? What if you woke up tomorrow and couldn’t access your systems, communicate with your team, or conduct operations? Come up with a detailed plan about what steps would be taken if a cyber event occurs. Train your leadership team and make sure that they are ready to enact the plan if a crisis occurs.
Control Access to Data: Know where your data is stored, what is sensitive, and who has control over it. Limit access, as much as possible. Not everyone on your staff should have access to sensitive data – only those that ultimately need it and can be trusted with it. This includes paper files and external drives. Remember that even hard copies, like medical records or credit applications, should be locked in a cabinet.
Cybersecurity Awareness Training: Malicious links and downloads are the most frequent way that attackers gain entry into companies’ systems today. It seems simple, but regularly educate your workforce about cybersecurity risks. Constantly remind employees to be cautious when clicking on links and downloading files. Make sure that they are vigilant about avoiding emails and URL addresses that look suspicious. Teach employees to double-check when asked to make any financial transactions. Make sure that employees are trained to also get verbal confirmations.
Here are a few common mistakes:
- Use of personal email for corporate communication
- Passwords never changed or set to default
- Devices connected to open/unsecured Wi-Fi
- Antivirus software is rarely monitored or updated
- Using unknown data sources and devices, such as free thumb drives and personal cell phones
It also goes without saying, don't click that random link from a random email sent to your work account.
“A lot of times, breaches that we see nowadays -- it’s not from a malicious insider,” said Anderson. “It’s from somebody that’s working really hard, they’re overworked and they're multitasking. All of a sudden they click on an attachment or email and the next thing you know the company is breached.”