Forging a Digital Fortress-Safeguarding Construction Data in an Insecure World

Issue link: https://read.uberflip.com/i/1510839

Kahua | www.kahua.com

As you peruse the latest trade magazine or construction website, doesn't it seem like there is always another report of a serious hack or data breach? Statista.com reports that in 2022, there were 1,800-plus such incidents reported in the United States alone, which impacted 422 million individuals. Globally things are not any better, and perhaps they are more frightening. Twice – in 2016 and 2018 – the number affected globally exceeded 2 billion individuals. And these are just the ones that are reported. Many breaches do not get announced to avoid public scrutiny or embarrassment.

Perhaps you have received a letter informing you that a bank, creditor or merchant you use has experienced such a breach. The letter tells you that "your information may have been accessed." The vendor then goes on to say they are making it right by offering a year's worth of some credit monitoring.

Recently, while visiting with a leading construction program management firm in Houston, I heard of two such attacks inflicted on its clients. One was a school district in Texas which paid $35,000 in bitcoin to have its data – and doors – unlocked. The hackers had not only taken over the district's servers, but they also entered the building security system and locked all the doors and entryways at several schools. School actually had to be canceled for a week! In looking for more information on this incident, I learned that dozens and dozens of Texas school districts have paid this kind of ransom. The most common practice is to just pay the hackers and try to beef up security later.

The second attack was on a private company, a design firm involved in hundreds of projects, which runs its business with multiple Internet-based communication and information management systems. This firm did not disclose how much it cost to get out of this jam.

Most of these attacks are not intended to harm the attacked; they are done for profit.
Week after week in 2019, another Texas school district was hit. Each time, the ransom amount was based on the district's size, wealth and ability to pay. The attackers kept the number just low enough to make paying the ransom easier than trying to regain control of the district's IT infrastructure. Schools are particularly vulnerable because they are under such public scrutiny, they are underprepared, and they tend to pay these ransoms quickly. Being understaffed and under-resourced is a common condition for most government agencies. Few have staff dedicated to cybersecurity.

Other industries are attacked even more often. Health care, financial services and manufacturing top the list of the most attacked industries. And the attacks can be malicious. Hacktivists, as they are called, work to cause damage and interfere with the supply chain, based on ideological views. Last year a group called Predatory Sparrow caused a fire in an Iranian steel mill in response to unspecified acts of aggression carried out by the Islamic republic. Previously the same group had taken Iran's national fuel station payment system offline and hijacked digital billboards, posting questions to Ayatollah Ali Khamenei, the country's supreme leader, asking, "Where is our fuel?"

What should we do?

With such a volume of bad actors trying to access data, what can organizations that hold sensitive data do to protect themselves?