2. AGENDA
• Internet Landscape
• Cybersecurity Statistics
• Types of Cyberattacks
• Common Vulnerabilities
• Recent Cyberattacks
• Cybersecurity Controls
• Cybersecurity Framework and Tools
• US and New Mexico Initiatives on Cybersecurity
• What Can We Do?
4. Internet Landscape
• Over 5 billion people use the internet. This represents
over 70% of the total population.
5. Cybersecurity Statistics
• Over 75% of targeted cyberattacks start with an email. (Round
Robin, 2020)
• Global cybercrime costs are expected to grow by 15% per year over
the next five years, reaching $10.5 trillion annually by 2025.
(Cybersecurity Ventures, 2020)
• The healthcare industry is expected to spend $125 billion on
cybersecurity from 2020 to 2025. (Cybersecurity Ventures, 2020)
• The first half of 2021 saw a 102% increase in ransomware attacks
compared to the beginning of 2020. (Check Point, 2021)
• 53% of adults agree that remote work has made it much easier for
hackers and cybercriminals to take advantage of people. (Norton,
2021)
6. Cybersecurity Statistics
• IoT (Internet of Things) devices will be the biggest technology crime driver
in 2018.
• The average cost of a ransomware attack was $1.85 million in 2020,
double the previous year's $761,106. (Sophos, 2021)
• On the dark web, Social Security numbers might go for $1 each, a
credit card number could sell for up to $110, and a U.S.
passport might cost up to $2,000. (Experian, 2018)
7. Types of Cyberattacks
• Malware is an abbreviated form of “malicious software”: software
that is specifically designed to gain access to or damage a
computer, usually without the knowledge of the owner. It can
come in many forms, including ransomware, spyware, and viruses, to
name a few.
• Phishing is when scammers try to lure sensitive information or data
from you by disguising themselves as trustworthy sources.
Phishers use multiple platforms to carry out these cyberattacks,
including emails, texts, and phone calls.
• Denial-of-Service (DoS) Attack. DoS attacks work by flooding
systems, servers, and/or networks with traffic to overload resources
and bandwidth. The result is a system that is unable to process
and fulfill legitimate requests. In addition to denial-of-service (DoS)
attacks, there are also distributed denial-of-service (DDoS) attacks.
8. Types of Cyberattacks
• SQL Injections. This occurs when an attacker inserts malicious code into a
server using Structured Query Language (SQL), forcing the server to deliver
protected information. This type of attack usually involves submitting
malicious code into an unprotected website comment or search box. Secure
coding practices such as using prepared statements with parameterized
queries are an effective way to prevent SQL injections.
• Password Attack. Passwords are the most widespread method of
authenticating access to a secure information system, making them an
attractive target for cyber attackers. By accessing a person’s password, an
attacker can gain entry to confidential or critical data and systems, including
the ability to manipulate and control said data/systems.
• Internet of Things (IoT) Attacks. While internet connectivity across almost
every imaginable device creates convenience and ease for individuals, it
also presents a growing—almost unlimited—number of access points for
attackers to exploit and wreak havoc. The interconnectedness of things
makes it possible for attackers to breach an entry point and use it as a gate
to exploit other devices in the network.
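The prepared-statement defense from the SQL Injections bullet above, as an added example that is not part of the original slides: a search box backed by an in-memory SQLite database, queried once with string concatenation and once with a parameterized query. The table, rows, crafted input and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build a constructed in-memory database: two public posts, one unpublished draft."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT, published INTEGER)")
    conn.executemany(
        "INSERT INTO posts (title, published) VALUES (?, ?)",
        [("Budget meeting notes", 1), ("Road closure schedule", 1), ("DRAFT: incident report", 0)],
    )
    return conn

def search_vulnerable(conn, term):
    """Unsafe: the search term is pasted into the SQL text, so it can change the query."""
    query = f"SELECT title FROM posts WHERE title LIKE '%{term}%' AND published = 1"
    return sorted(row[0] for row in conn.execute(query))

def search_parameterized(conn, term):
    """Safe: the term is bound as data and can never become SQL syntax."""
    # LIKE wildcards are still meaningful inside a bound value, so escape them too.
    escaped = term.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    query = "SELECT title FROM posts WHERE title LIKE ? ESCAPE '\\' AND published = 1"
    return sorted(row[0] for row in conn.execute(query, (f"%{escaped}%",)))

if __name__ == "__main__":
    conn = make_db()
    crafted = "' OR 1=1 --"  # constructed search-box input
    for label, fn in (("concatenated", search_vulnerable), ("parameterized", search_parameterized)):
        print(label, "normal :", fn(conn, "meeting"))
        print(label, "crafted:", fn(conn, crafted))
```

With the concatenated query the crafted input returns the unpublished draft as well; with the bound parameter the same input is only a literal string to search for and matches nothing.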
10. Recent Cyberattacks
US
• Colonial Pipeline. Ransomware resulting in a payment of $4.4
million (75 bitcoin) and shutdown of some pipelines. Exposed
password for a VPN account.
• JBS Foods (Pilgrim, Great Southern and Aberdeen Black).
Ransomware resulting in a payment of $11 million in bitcoin, a
shutdown of plants, and an increase in meat prices.
• Nvidia. Ransomware that threatened to release 1TB of data.
• Bridgestone. Ransomware resulting in a halt in production for a
week.
11. Recent Cyberattacks
New Mexico
• Albuquerque Public Schools. Ransomware attack resulting in
school closures for a few days.
• Bernalillo County. Ransomware attack resulting in disruption of
various services.
• University of New Mexico Hospital. Exposure of PI of over 600,000
patients.
12. Cybersecurity Controls
• Develop Security Policies. Development will include information
classification policy as well as risk assessment.
• Inventory all hardware and software. You can’t protect what you
don’t know exists.
• Keep your software up to date. Network providers issue updates
that address known security vulnerabilities. Install them to prevent
hackers from exploiting such weaknesses. Very common in NM.
• Backup your data regularly. Use multiple storage systems to
minimize data loss and avoid paying ransoms in case of attack.
• Employ multiple security systems, for example firewalls, anti-virus
software, spam filters, and web security. This enables you to detect
and react to intrusions faster.
13. Cybersecurity Controls
• Provide awareness training for your employees. Staff are often the
target of phishing emails, so it is important they know how to recognize
and avoid such scams.
• Network Penetration Test. Tests include both internal and external
testing to identify vulnerabilities.
• Vulnerability assessment. Tools are available to scan networks and
applications. Some are free, and federal grants are also available.
• Encryption of PI. This will ensure that protected information can’t be
accessed in the event of cyberattacks.
• Create Strong Passwords. Ensure this is applied consistently across the
board for user and administrator accounts.
• Review Users’ Access Control Listing. This should be completed for
critical applications at least on an annual basis to ensure access is
provided on a “need to know” basis.
14. Cybersecurity Controls
• Use multi-factor authentication. This means that even if hackers get a
hold of employee credentials, they will not gain access to your system
without additional authenticating factors. This is especially true for
administrators’ accounts.
• Implement Controls over IoT and portable devices. Security
protocols need to be implemented when connecting devices over
the internet (printers, HVAC, medical devices, doorbells, security
cameras, appliances, etc.).
• Develop Incident Response Plan. Policies to guide the organization in
the event of attacks.
• End-of-life systems should be replaced or protected. This is very
common in New Mexico.
• Implement Controls Over Applications on the Cloud. SLA, SOC
reports and other assessments.
16. US and NM Initiatives
• The US created the Cybersecurity and Infrastructure Security Agency
(CISA) in November 2018, with an annual budget of $2.5 billion.
• Bill to Create Cybersecurity Program for K-12.
17. What can we do?
• Consider creating a separate agency, similar to CISA for the federal
government.
• Baseline IT Controls for governmental agencies (Tier system depending
on PI).
• Emphasize IT as part of local government governance.
• Increase the budget for IT departments and address staffing issues.
• Hire Information Security Officer, especially for bigger agencies.
• Develop Cybersecurity Programs at Universities and Colleges
• Be Proactive on Security Matters.