Cybersecurity experts warn businesses to be on high alert

During a briefing hosted by the Illinois Chamber of Commerce, experts say Russia may be planning cyberattacks

The number of reported data breaches jumped 68 percent last year, according to a report from the nonprofit organization Identity Theft Resource Center.

The report notes there were 1,862 data breaches last year, surpassing both 2020’s total of 1,108 and the previous record of 1,506 set in 2017. And things could get worse.

Last week, President Joe Biden warned U.S. companies that “[b]ased upon evolving intelligence, Russia may be planning a cyberattack against us.”

“CISA has been working with our partners for months to ensure preparedness in the event of a cyberattack related to the Russian invasion of Ukraine,” said Alex Joves, Cybersecurity and Infrastructure Security Agency (CISA) Regional Director for Region 5, which covers Illinois, Indiana, Michigan, Minnesota, Ohio and Wisconsin. “There is now evolving intelligence that Russia may be exploring options for potential cyberattacks.”

Joves spoke Wednesday as part of a virtual cybersecurity briefing hosted by the Illinois Chamber of Commerce and U.S. Rep. Lauren Underwood, D-Naperville.

He expressed the need to report a suspected cyberattack to CISA when it occurs.

“When cyber incidents are reported quickly, we can use this information to render assistance and provide warnings to prevent other organizations from falling victim to that attack,” Joves said. “This information is also critical to identifying trends that can help efforts to protect the homeland.”

Joves also offered tips for people to avoid being the victim of a cyberattack, such as keeping a lookout for suspicious email.

“Most folks understand this, but more than 90 percent of successful cyber attacks start with a phishing email,” Joves said. “If it’s a link you don’t recognize, trust your instincts and think before you click.”

He also stressed that a company’s cybersecurity and IT personnel should be focused on identifying and quickly assessing any unexpected or unusual network behavior. And he said a company should test backup procedures to ensure that critical data can be rapidly restored if the organization is impacted by ransomware or a destructive cyberattack.

“Ensure your backups are isolated from your network connections,” Joves said.

Investing in a company’s security needs to be a top priority, he said.

“Any indications of malicious cyber activity – even if it’s blocked by your security control – should be reported to CISA, your FBI or state officials,” Joves said.

FBI special agent Eric Brelsford stressed the need for companies not to let up their guard at this time. He has 15 years of experience with the FBI specializing in cyber-crime investigations.

“Cyber threats are always a great concern to any organization, but especially so in the times that we currently find ourselves in today due to the increased threat level,” he said. “The FBI has placed the highest possible priority on combating the threat of cyber attacks and going after the threat actors engaged in this activity.”

As he noted, these threat actors predominantly operate in Russia and in Eastern Europe, but also are in West Africa, the Far East and in the United States. Data breaches and ransomware activity are the most prevalent attacks.

“The angle is simply to identify and suck out of your organization anything of value, any sort of data that can be monetized or of use from an intelligence perspective if you’re talking about a foreign government engaged in this activity,” Brelsford said. “Ransomware is also a rampant problem.”

And nothing is immune from being hacked these days, including mobile phones.

“The threat actors are able to take over your mobile phone service and put that to a phone that the threat actor controls,” he said. “And why are they doing this? Because your mobile phone number is often tied to your online account access for two-factor authentication. So if I forgot my password, I have a PIN (security) code sent to my mobile phone number. When the threat actors gain control of my mobile phone, that PIN code is sent via text message to a phone that the bad guy controls. They sort of swap the service out. We’ve seen a lot of growth in that particular tactic being used in the last year.”