Thursday,  December 12 , 2024

Linkedin Pinterest
News / Business / Clark County Business

Defending cyberspace: Cyberattacks have become a cost of doing business in Clark County

Clark College’s new cybersecurity bachelor’s degree program aims to help counter growing business of cyberattacks

By Sarah Wolf, Columbian staff writer
Published: April 13, 2024, 6:14am
5 Photos
Mohammed “Giga” Alqeeq, left, and Dwight Hughes of Clark College tour the school’s cybersecurity lab. As the cybercrime industry has boomed, the college’s 4-year-old cybersecurity bachelor’s program is now operating at capacity.
Mohammed “Giga” Alqeeq, left, and Dwight Hughes of Clark College tour the school’s cybersecurity lab. As the cybercrime industry has boomed, the college’s 4-year-old cybersecurity bachelor’s program is now operating at capacity. (Photos by Amanda Cowan/The Columbian) Photo Gallery

About seven years ago, Clark College’s technology lab was hacked. Today, that’s where students in the college’s new cybersecurity bachelor’s degree program are learning how to fend off similar attacks.

Cyberattacks have become so commonplace that people have grown numb to the threat, even though these crimes are projected to cost $9.22 trillion this year, according to Statista’s Market Insights. Businesses now view dealing with cyberattacks as a normal cost of operating.

“It’s become … a commercial criminal enterprise,” said Dwight Hughes, director of Clark College’s cybersecurity program.

Rebound Orthopedics & Neurosurgery is the most recent local business to have fallen prey to a cyberattack, but Clark County government and Burgerville also have been struck in the past few years. And those are just the attacks that became public knowledge.

By the numbers

Source: FBI

Crime Type By Victim Count in Washington in 2023.

Data Breach: 74

Ransomware: 54

Personal Data Breach: 1,280

Phishing/Spoofing: 191

Malware: 23

Crime Type by Victim Loss in Washington in 2023

Data Breach: $1,085,838

Ransomware: $1,548

Personal Data Breach: $11,062,062

Phishing/Spoofing: $466,866

Malware: $2,590

Washington law requires organizations that own or license personal information to notify Washington residents within 45 days of attacks that compromise unsecured personal information. But organizations that suffer attacks that don’t involve consumers’ information do not need to notify anyone. Health care companies follow specific federal laws that require patients to be notified of breaches targeting protected health information.

Eric Landon, director of operations and technology at Vancouver’s Riverview Bank, said businesses are affected beyond the initial attack.

“It’s the impact of the reputation because you’re all of a sudden on the evening news or in the newspaper,” Landon said.

A hit to a business’s reputation could influence its sales or even deplete its existing customer base.

Then there are the associated expenses — like identifying the issue, remedying it, notifying customers and determining how to improve cybersecurity going forward.

“All those things are a huge cost,” Landon said.

Clark College’s attackers didn’t end up with any student information when they hacked the technology lab because there wasn’t any there.

“But the hacker didn’t know that when they broke in there,” Hughes said.

Countering the threat

The booming cybercrime industry has led to increased demand among businesses for cybersecurity professionals. The state’s Employment Security Department projects annual growth of 5.3 percent in the field. Clark College developed its cybersecurity bachelor’s degree program to train people locally.

Mohammed “Giga” Alqeeq, Clark College’s lead cybersecurity instructor, said the program helps students learn from real-world scenarios.

Information

Glossary

  • Ransomware: Malicious software created to block access to a computer system until a ransom is paid.
  • Malware: Software designed to disrupt, harm or get unauthorized access to a computer system.
  • Phishing: Emails that claim to be from reputable source with the intent of getting recipients to divulge personal information.

To get help

Victims of any crime can call, text or chat with a specialist from the National Center for Victims of Crime’s Victim Connect hotline at 1-855-484-2846. Resources are also available online at www.victimconnect.org.

The program launched in 2020 with a small cohort of students. It’s close to full capacity with nearly 100 students who are training to be professionals who will go into the workforce to defend companies against malware, phishing, ransomware and other cybercrimes that threaten companies and their data. The program is expected to grow to 150 people in the fall.

Landon said businesses should have strong security in place and do everything possible to make themselves less of a target. He said one option is to store more data offline.

“To some level, you’re going to have a breach and therefore need to be prepared to recover from that effectively without bringing your company to its knees,” Landon said.

Although companies work to protect their data, if it’s breached, they often pay ransoms to retrieve what was lost. The ransom may even be covered by insurance. But consumers’ information is still regularly compromised.

Iva Rody, chief programs officer at the National Center for Victims of Crime, said the impact that cyberattacks have on victims is sometimes missed.

“Information that’s stolen is often private,” Rody said. “A wide range of emotional impact comes along with financial fraud that not a lot of people realize.”

Victims may deal with anger, grief, loss, embarrassment, fear or simply frustration.

Stolen information is often distributed as well, Rody said. Identity theft can follow.

“It impacts their ability to be made whole,” she said.

Employees at a company that has been compromised may also deal with their own fears about opening email attachments or clicking on links.

“They don’t want to … feel like they were the one that caused the major problem,” Rody said.

Tips to prevent cyberattacks

Cyberattacks are common these days. But consumers can take steps to protect themselves, said Wendy Smith, chief risk officer at Columbia Credit Union. Here’s her advice:

  •  Do not click a link via text or email to “verify” your account or to confirm a transaction.
  •  Do not include personal information in a survey.
  •  Do not give your username, password or one-time passcode to anyone.
  •  Use unique passwords across all accounts.
  •  If you think a hacker has accessed your personal information such as your Social Security number, credit card numbers or bank account info, go to identitytheft.gov to report it and get a recovery plan.

 

AI spikes cybercrime

Experts expect the rapid development of artificial intelligence to further drive cybercrimes, making cybersecurity programs like Clark’s increasingly important to fight the ever-evolving threats.

Clark’s students aren’t there memorizing facts, but rather learning how to apply and synthesize knowledge, Hughes said.

“They have to be lifelong learners,” said Hughes, pointing to the rapid advancement of technology.

Hackers are always looking for weaknesses in new technologies.

“It’s always changing,” Alqeeq said. “It’s just a matter of time.”

Support local journalism

Your tax-deductible donation to The Columbian’s Community Funded Journalism program will contribute to better local reporting on key issues, including homelessness, housing, transportation and the environment. Reporters will focus on narrative, investigative and data-driven storytelling.

Local journalism needs your help. It’s an essential part of a healthy community and a healthy democracy.

Community Funded Journalism logo
Loading...