Cybersecurity in New Jersey Comes into Focus in 2019
The last two months of 2019 were rough for cybersecurity in New Jersey, with high profile attacks significantly harming major businesses and causing them to cancel surgeries, delay school openings, cancel performances and more.
But unfortunately, that’s far from unique. The FBI ranks New Jersey ninth in the country for cybercrime losses, with more than 8,400 victims across the state incurring $79.7 million in related costs in 2018. Govtech reports that dozens of municipal government agencies in New Jersey have been attacked over the past two years but have been reluctant to make those attacks public.
Many of those attacks included ransomware – hackers breaking into systems, encrypting the data and releasing it only if the organization pays a steep fine. Many organizations are paying the ransoms because they see this as the fastest way to get their businesses back. But not everyone recovers their data, and even when they do, it often takes months to fully restore operations. Preventing cyberattacks such as ransomware is critical to avoid becoming the next target.
Experiencing a Hack
The insidious nature of ransomware means organizations can go weeks or months without knowing they were attacked. It starts simply, often when a user responds to a phishing attempt, opens an attachment to a spoofed email from a trusted source, or falls for other trickery. Clicking on the wrong link allows malicious code to be embedded somewhere in the system, often replicating itself in many places in the event the foreign code is discovered. That code connects the system to the hacker’s server so they can control what happens from afar.
Then one day the hacker activates the code, encrypting all the data it can reach in the network – work documents, database files, spreadsheets, email. Files might start mysteriously getting new names, or applications start to crash. The attack also includes an instruction document laying out the terms of the ransom demand. Some even offer support lines to help victims comply and hopefully furnish the decryption key after the ransom is paid. Even after that, malicious code may remain in the system.
No one wants this. Every organization needs a solid multi-layer security stance to start. Here’s what else to do to reduce the likelihood of an attack:
Exigent starts its IT security services with a thorough audit of your network including penetration and other testing and recommends solutions to fill the gaps. Then we put tools in place to alert our experts to suspicious activity to prevent or minimize the impact. We can also help you create a solid disaster recovery plan, including making required notifications to meet compliance standards.
Ransomware is everywhere, and cybersecurity in New Jersey came into big focus in 2019. But when it starts impacting your neighbor’s surgery, your son’s school day or your ability to run your business, it feels very local. Reach out today to find out you can avoid being featured in tomorrow’s New Jersey cyberattack headlines.