[author: Bob Conrad]
The continuing increase of cyber-crime and the almost daily reports of hacking attacks against businesses, government agencies, and citizens highlight the persistence of this escalating national security and corporate threat. In last thirty days, we observed the huge international WannaCry cyber ransomware event impacting over 150 countries and tens of thousands of government and corporate victims. This incident was followed a week ago with the Petya ransomware outbreak which initially impacted the Ukraine and Russia and continues to spread across the globe. The initial cause in both cases appears to be a combination of using outdated operating systems, Phishing attacks, and the use of potentially stolen NSA cyber tools.
In the case of Petya, it now appears that the initial outbreak of ransomware was a ruse to hide the true motive of Russian interference with Ukrainian operations. The problem with these types of attacks is they often inflict challenges on unintended victims, spreading far beyond intended targets across international boundaries.
Closer to home, within the last sixty days, we have seen over 198M GOP voters information leaked through poor security practices by a contractor; a fired employee hacking and shutting down smart water readers in five U.S. cities; the city of Dallas losing control of its emergency siren warning system from an apparent cyber-attack; and healthcare and university data breaches across the country. Given the current and intensifying cyber-threat environment, we should all be concerned about the cybersecurity posture of our clients, fellow co-workers, and our families. Given that some estimates place the number of malware types at greater than 600 million and growing, the security of corporate and individual information technology (IT) operations is undoubtedly in great jeopardy. As most organizations have limited budgets to deal with these cyber-attacks, they may lack the necessary technical and personnel skills to operate in this volatile IT environment. Unfortunately, situation normal is now a daily flood of new cyber intrusions. But it doesn’t have to be.
