
Opinion: The U.S. is falling behind in fighting cybercriminals — here’s what has to change

By Eric Cole
MarketWatch
 1 day ago

In 1970s New York, the mafia’s tight grip on the city led many business owners to include a mob payout line item in their annual budget. Today, some of the world’s biggest corporations are once again budgeting for extortion. This time, the threat comes not from physical violence but from cybercriminals half a world away.

Ransomware attacks have been rising sharply over the last few years. In early 2021, the FBI’s 2020 Internet Crime Report included 791,790 complaints of suspected internet crime, an increase of more than 300,000 complaints from 2019, with companies reporting a collective loss exceeding $4.2 billion – and those are just the attacks reported to the Bureau. Still more firms have opted to handle cyberattacks internally, quietly paying ransom to cybercriminals who threaten to release customer data or worse. In fact, the Government Accountability Office reported in May that the number of companies invested in cyber insurance policies had risen from about 25% in 2016 to nearly 50% in 2020.

Big tech companies may claim that cyber assailants are getting savvier, but the methods these criminals are using to break into company servers have stayed consistently basic. Most ransomware assaults still happen because of outdated servers or systems, a lack of air gaps in critical industries, email phishing scams and poor password protection. And there’s a simple way to stop this: government regulations that would force companies to protect themselves and consumers – or pay the price.

This country is trailing behind much of the Western world in terms of policies to protect businesses and individuals from cyberattacks. While originally intended to deal with personal privacy, the passing of the European Union’s General Data Protection Regulation (GDPR) in 2016 solved for the EU many of the issues we are currently facing. The GDPR mandated that consumer information and data must be properly encrypted on fully patched, isolated systems and diligently enforced these mandates through heavy fines.

In the U.S., current government compliance measures such as Payment Card Industry Digital Security Standard (PCI DSS), which was designed to keep customer data safe, are simply not enough. I deal with a lot of companies who are not PCI-compliant, and what I hear from executives at those firms is that they would rather pay the $50,000 fine for noncompliance than invest the $2 million it would cost to become compliant.

In Europe, the GDPR charges up to 4% of a company’s gross revenue if it is not meeting standards – a number that’s quite a bit more motivating than the fines noncompliant U.S. companies are looking at.

As many American companies with business interests in Europe are already familiar with the GDPR regulations, it wouldn’t be difficult to adapt all or portions of the GDPR to fit U.S. standards, and everyone’s data would be safer as a result.

In my opinion, U.S. regulation should mirror the GDPR to ensure that all public and private systems accessible from the internet must be fully patched and cannot contain any critical data – which should instead be encrypted with a key and stored on a separate server.

Another key regulatory measure would be to create a rigid certification process for anyone working in cybersecurity, overseen by a state licensing board like our system for lawyers or cosmetologists.

Right now, the guy who cuts my hair has more oversight from the government than the people who are employed securing our critical systems. This is a problem because it gives companies with a real need for a cybersecurity resource no way to properly vet candidates for these roles. We can’t expect every business leader to become an expert in cybersecurity processes themselves, so creating oversight in the industry would ensure that all certified professionals have the training needed to spot and address holes in their clients’ systems.

Finally, any industry that is classified as critical infrastructure – such as oil, gas or nuclear power – should implement air gaps between the control systems and the business networks. An air gap ensures that a secure computer network is physically isolated from the internet, and therefore impossible to access remotely.

In fact, the nuclear power industry is already on board with this, and as a result there has yet to be a nuclear reactor compromised via a cyberattack, simply because no one outside the reactor’s physical location can get in.

However, as we saw in the Colonial Pipeline incident, the oil and gas industry has not yet caught up. As our lawmakers continue to look to big tech companies (who often financially benefit from the aftermath of cyberattacks) for guidance on these matters, I fear it may take a terrorist attack in the cyber domain for lawmakers to wake up to the necessity of regulation.

Unfortunately, a lack of meaningful regulation has put us in the same boat as those New York City store owners in the 1970s. By accepting the inevitability and budgeting for cyberattacks, we are essentially allowing cybercriminals to continue their work unchecked. It’s time for our elected officials and business leaders to stand up to extortion and beat back this new cyber mob – before it’s too late.

Eric Cole is the founder of Secure Anchor Consulting and an industry-recognized cybersecurity expert with more than 20 years of hands-on experience in the field.
