National Cyber Complaints and Losses (from FBI 2021 Cyber Report)

Cyber Security Month comes 6 Months Early

Every year Cyber Security Month is in October. So why am I talking about it at the end of the 1st quarter of 2022?

The flippant answer is that the subject is just that important, but the real reason is that the FBI just released their 2021 Cyber Security Report last week and it should be a wakeup call for everyone from the Hospital CEO to your retired grandparents!

What does it say? Well, there’s more info that most people will want to sit through, so I’ll summarize the headlines. Lets start with the National Numbers and then look at Nevada:

Nevada Cyber Complaints and Losses 2021

Nevada Cyber Complaints by Crime Type 2021

Link to FBI State Reports:  https://www.ic3.gov/Media/PDF/AnnualReport/2021State/StateReport.aspx#?s=31

Link to FBI 2021 Internet Crime Report:  https://www.ic3.gov/Media/PDF/AnnualReport/2021_IC3Report.pdf

Nationally, the 2021 “reported” losses were at $6.9 Billion (a 500% increase from 2017) and Nevada losses from 2021 where just under $84 Million and we rank 19th in the most scammed states list and nationally, the most victimized age group were the 60+ Community of which Nevada has a fair number!

From a business perspective, these numbers should be a wake-up call both from the standpoint of potentially losing money and reputation due to a cybercrime event and from the loss of productivity that could arise from a staff member falling victim to a scam in their personal life; spending dozens of hours trying to resolve the situation.

Don’t think you are a target? I guarantee that in every organization, there is at least one person that will click on anything!

Here is what every organization should start doing next week:

  • Provide Staff with Mandatory Cyber/Fraud Training (This makes both the business less vulnerable as well as the staff member in their personal life. If you can offer the training to the families of staff members)
  • Turn on Multi-Factor Authentication in Email and any other application that supports it! (Especially for your EHR).
  • Make sure that you have quality backups of important data offsite at least daily. This should include Microsoft 365/GSuite Data!
  • Make sure that you are using a business class Firewall and Anti-Virus/Anti-Malware software.
  • Don’t let staff access confidential systems from home computers, this is a major path to compromise! Develop a secure Work From Home strategy.
  • Encrypt the hard drives of all laptops
  • Look at additional security solutions to look for persistent threats in your computing environment.
  • Implement Productivity Monitoring Solutions, especially for the Work From Home Staff.
  • Lots of other tasks may be required depending upon your environment, and don’t forget the physical security from your organization, there are bad guys in person in addition to online!

With the current rate of inflation and the numbers of displaced highly educated people due to Ukraine War, I predict that the number of Cyber Attacks will increase at a faster pace than the already steep increases we have seen to date. More people both at home and abroad will seek to survive or thrive by stealing than ever before and we owe it to our bottom lines, our staff, patients and clients to do what we can to protect ourselves and the confidential data we all have!

 

Leo BletnitskyHIPAA Security Professional, MCP, MCSA, Security+

President, Healthy Technology Solutions