Cyber attacks have become so commonplace that people have grown numb to the threat, even though these crimes are projected to cost $9.22 trillion this year, according to Statista's Market Insights. Businesses now view dealing with cyber attacks as a normal cost of operating.
"It's become ... a commercial criminal enterprise," said Dwight Hughes, director of Clark College's cybersecurity program.
Rebound Orthopedics & Neurosurgery is the most recent local business to have fallen prey to a cyber attack, but Clark County government and Burgerville also have been struck in the past few years. And those are just the attacks that became public knowledge.
BY THE NUMBERS
Source: FBI
- Data Breach: 74
- Ransomware: 54
- Personal Data Breach: 1,280
- Phishing/Spoofing: 191
- Malware: 23
Crime Type by Victim Loss in Washington in 2023
- Data Breach: $1,085,838
- Ransomware: $1,548
- Personal Data Breach: $11,062,062
- Phishing/Spoofing: $466,866
- Malware: $2,590
Washington law requires organizations that own or license personal information to notify Washington residents within 45 days of attacks that compromise unsecured personal information. But organizations that suffer attacks that don't involve consumers' information do not need to notify anyone. Health care companies follow specific federal laws that require patients to be notified of breaches targeting protected health information.
Eric Landon, director of operations and technology at Vancouver's Riverview Bank, said businesses are affected beyond the initial attack.
"It's the impact of the reputation because you're all of a sudden on the evening news or in the newspaper," Landon said.
A hit to a business's reputation could influence its sales or even deplete its existing customer base.
Then there are the associated expenses — like identifying the issue, remedying it, notifying customers and determining how to improve cybersecurity going forward.
"All those things are a huge cost," Landon said.
Clark College's attackers didn't end up with any student information when they hacked the technology lab because there wasn't any there.
"But the hacker didn't know that when they broke in there," Hughes said.
COUTNERING THE THREAT
The booming cyber crime industry has led to increased demand among businesses for cybersecurity professionals. The state's Employment Security Department projects annual growth of 5.3 percent in the field. Clark College developed its cybersecurity bachelor's degree program to train people locally.
Mohammed "Giga" Alqeeq, Clark College's lead cybersecurity instructor, said the program helps students learn from real-world scenarios.
INFORMATION GLOSSARY
- Ransomware: Malicious software created to block access to a computer system until a ransom is paid.
- Malware: Software designed to disrupt, harm or get unauthorized access to a computer system.
- Phishing: Emails that claim to be from reputable source with the intent of getting recipients to divulge personal information.
TO GET HELP
Victims of any crime can call, text or chat with a specialist from the National Center for Victims of Crime's Victim Connect hotline at 1-855-484-2846. Resources are also available online at www.victimconnect.org.
The program launched in 2020 with a small cohort of students. It's close to full capacity with nearly 100 students who are training to be professionals who will go into the workforce to defend companies against malware, phishing, ransomware and other cyber crimes that threaten companies and their data. The program is expected to grow to 150 people in the fall.
Landon said businesses should have strong security in place and do everything possible to make themselves less of a target. He said one option is to store more data offline.
"To some level, you're going to have a breach and therefore need to be prepared to recover from that effectively without bringing your company to its knees," Landon said.
Although companies work to protect their data, if it's breached, they often pay ransoms to retrieve what was lost. The ransom may even be covered by insurance. But consumers' information is still regularly compromised.
TIPS TO PREVENT CYBER ATTACKS
Cyber attacks are common these days. But consumers can take steps to protect themselves, said Wendy Smith, chief risk officer at Columbia Credit Union. Here's her advice:
- Do not click a link via text or email to "verify" your account or to confirm a transaction.
- Do not include personal information in a survey.
- Do not give your username, password or one-time passcode to anyone.
- Use unique passwords across all accounts.
- If you think a hacker has accessed your personal information such as your Social Security number, credit card numbers or bank account info, go to identitytheft.gov to report it and get a recovery plan.
Iva Rody, chief programs officer at the National Center for Victims of Crime, said the impact that cyber attacks have on victims is sometimes missed.
"Information that's stolen is often private," Rody said. "A wide range of emotional impact comes along with financial fraud that not a lot of people realize."
Victims may deal with anger, grief, loss, embarrassment, fear or simply frustration.
Stolen information is often distributed as well, Rody said. Identity theft can follow.
"It impacts their ability to be made whole," she said.
Employees at a company that has been compromised may also deal with their own fears about opening email attachments or clicking on links.
"They don't want to ... feel like they were the one that caused the major problem," Rody said.
AI SPIKES CYBERCRIME
Experts expect the rapid development of artificial intelligence to further drive cyber crimes, making cybersecurity programs like Clark's increasingly important to fight the ever-evolving threats.
Clark's students aren't there memorizing facts, but rather learning how to apply and synthesize knowledge, Hughes said.
"They have to be lifelong learners," said Hughes, pointing to the rapid advancement of technology.
Hackers are always looking for weaknesses in new technologies.
"It's always changing," Alqeeq said. "It's just a matter of time."
©2024 The Columbian, Distributed by Tribune Content Agency, LLC.
