A nonprofit publication of the Kentucky Center for Public Service Journalism

Brent Cooper: Cybercrime is more prevalent than ever and we need to deal more aggressively with it


We have a growing epidemic of cybercrime in this country. I’ve been working in I.T. my entire adult life and I can’t remember a time when cybersecurity was this bad.

Thanks to ever increasing news stories about hacks, breaches, leaks and identity theft, most folks are aware that cybercrime exists, but we still aren’t talking about it the way we should.

This week Dave Hatter (Mayor of Fort Wright) and I travelled to Frankfort to speak with the House committee on Small Business & I.T. (Chaired by Rep. Diane St. Onge) to bring more attention to this issue.

Chamber President Trey Grayson, Rep. Diane St. Onge, Brent Cooper, and Fort Wright Mayor Dave Hatter

At the airport, we hear the phrase, “If you see something, say something.” Years ago if we saw an unattended bag, we might not have said a word. Things are different now.

We need to have that same mentality with cybercrime.

So how bad is cybercrime today?

According to industry estimates, cybercrime attacks are continuing to increase 30%-40% each year. But the truth is, no one can say for sure because a large amount of attacks goes unreported.

According to Symantec, nearly half of all attacks are against small businesses.

At least four attacks on police departments have resulted in the police paying the criminals to have their data decrypted. When the police are paying criminals, you know it is very bad.

Why is cybercrime growing?

Because the criminals are getting paid and they can operate with impunity.
According to a recent Trend Micro report, nearly 2 thirds of those infected with Ransomware are paying the ransom.

The average ransom (in Bitcoin) is between $750-$800. For many, the ransom is just low enough that a small business might be willing to pay it rather than go through the time/hassle of doing a data restore.

Cisco Systems is projecting ransomware attacks will double this year.
Attacks are also increasing because you don’t have to be a skilled hacker to perform an attack. Criminals are now selling “Ransomware kits” online that make attacking a business an easy prospect.

Attacks from Russia, China, and a variety of other countries happen to small businesses on a daily basis, and there doesn’t appear to be any answer from state or federal officials.

What should businesses do to protect themselves?

Unfortunately, there isn’t a silver bullet. Proper security involves a multi-pronged approach. Firewalls, antivirus & anti-malware software, regular security updates, data encryption and dual authentication are all important components. Monitoring & testing data backups are critical.
Every business should regularly perform penetration tests and dedicate time to training employees about attacks, spam and phishing attacks in particular. Over 90% of attacks are coming in via e-mail.

Regardless of the security measures you have in place, every business owner should know this: No matter what you do you can still be hacked. Anyone who tells you “Just do these things and you’ll be safe” is misleading to you.

For that reason, everyone should have processes in place that monitor key aspects of the business and cyber incident response plans ready to go.
We need to go on offense!

Just like other epidemics, we need people to come out of the shadows and share their stories so elected officials can begin fighting on our behalf.
Until criminals and/or countries engaged in cybercrime face real consequences, attacks will continue to increase. These people need to be held accountable.

Let’s start treating cybercrime as an epidemic, and engage with the full attention and resources of our entire community. If we don’t, the criminals will continue to win.

Brent Cooper is CEO of C-Forward.


Recent Posts

One Comment

  1. This is a very hot topic that needs to be addressed. In regards to ransomware attacks/attachments from these various facilities that have set-up shop and ARE collecting ransom money once infecting business, private and basically ANY computer where someone visits a website to read a story or gather information, authorities need to be contacted to trace where these criminals are located and prosecute to the fullest extent of the law.
    Years ago, I was a victim of such cybercrime and not knowing where to turn to, I called the telephone number associated with the hack page and they (middle eastern person ) walked me through the process of so-called cleaning the infection from my computer, only after I had given them my bank card number for payment. Within the story of this article, it appears NO-ONE is immune as even police departments computers have been infected with ransomware while performing searches for criminal history and Facebook exchanges.
    Along the same line of attacks, there are/is those so-called IRS random telephone calls where mostly middle eastern voices on the other end of the telephone line tell you that you have been audited and are in violation of taxes due and that this is your FINAL WARNING to make payment NOW via a credit card or else YOU will be subject to federal prosecution and jail time.
    I have performed searches of the area code prefix for some of these “IRS” telephone calls and almost all of them show -up as Washington D.C. area numbers. It is high time that the United States Federal authorities be notified and go after these cybercriminals and recapture the millions and millions of dollars that they have maliciously raked from the everyday people.

Leave a Comment