Cyber crime is one of the single greatest threats to modern business, especially in growing business hubs across the US such as Oklahoma City and surrounding areas. The scale of it is almost unfathomable, from holding a small business hostage with ransomware demands to state-sponsored hacking as a modern method of war.
It is estimated that the cost associated with corporate cybercrime globally in 2017 was $600 billion. With the rate this number is increasing, this figure will likely top $6 trillion by the year 2021. IBM’s annual Cost Of Data Breach study highlights that the average cost of rectifying a data breach is in the region of $3.9 million when you add costs for investigation, notification, damage control, lawsuits, and regulatory fines.
The financial risks of cybercrime are not the only consequence of a cyber attack—there’s also the reputational damage suffering businesses must face. In fact, there have been a number of high profile incidents over the last few years that have notably impacted customer loyalty. This includes Yahoo, after all three billion of Yahoo’s customers had their records compromised and Equifax, where a cyber attack affected approximately 147 million customers of the global credit ratings agency.
That said, if you think that large, multinational corporations are the only ones at risk, then you are very much mistaken. In reality, 58% of cyber attacks occur within small businesses. In business hubs such as Oklahoma city, there have been major attacks that have sent businesses under within just months of the incidents.
Here are the top three cyber attacks in recent Oklahoma history and what they say about businesses in this particular location for business growth and their cybersecurity:
#1 The Oklahoma Law Enforcement Retirement System
In September 2019, the FBI was called in to investigate the theft of $4.2 million from the Law Enforcement Retirement System. This pension fund held the investments of park rangers, highway troopers and other state agents. This is the latest in an increasing line of attacks on local government and state agencies. The fund has recovered a proportion of the money and assured retirees that this will not affect their benefits.
This breach highlights the vulnerabilities of systems and the attack could have been far bigger, with immense consequences for the retirees who rely on their pensions and benefits after a lifetime of service. Whichever way you look at it, it’s a PR nightmare.
#2 Oklahoma State University Center of Health Sciences
Patient Medicaid information was stolen in a breach of the Oklahoma State University Center of Health Sciences in 2018. The hackers gained access to healthcare provider details as well as limited treatment information.
Clearly, this issue caused a great deal of distress for patients who were afraid their confidential medical information was now in the public domain. It is still unclear what the targeted data was intended to be used for.
#3 The Broken Arrow Click2Gov Breach
In late 2019, a breach of the self-service payment portal Click2Gov affected businesses in Tulsa. The system was commonly used to pay things like utility bills and parking tickets. The Breach affected a number of cities across the US before reaching Broken Arrow in Tulsa.
In the breach, about 20,000 records were stolen, including payment details that were later found to be for sale on the dark web. It is estimated that over $1.9 million was made in illicit sales by the cyber criminals. Despite a security patch being released for the software, a second wave of cyber attacks were committed in August 2019.
What all this data really shows is that business leaders in Oklahoma need to bring cybersecurity out of the IT department and into the C-suites and take it much more seriously.
If you’re not worried about the issue of cybersecurity for your business, you should be. Given the year on year rise in incidents, it’s more of a question of not if but when your company will be targeted. It’s never been more important to prioritize investments in comprehensive cybersecurity services.
After all, the damage from a cyber attack can have far reaching consequences for organizations of any size across all sectors. There are legal, financial, and reputational factors to consider that could, in all likelihood, put you out of business. Stephane Nappo, an information security expert, said it best when she declared, “It takes 20 years to build a reputation and a few minutes of a cyber-incident to ruin it.”