News Talk 94.1/AM 1600 Where The Upper Cumberland Talks
A growing awareness of cybersecurity threats should lead to better preparation, according to Tennessee Tech expert.
Two major cyberattacks have shut down two major industries in the past three weeks. Assistant Director for Tennessee Tech’s Cybersecurity Education, Research and Outreach Department Eric Brown said the most important thing to understand when it comes to these threats is to know what you’re looking for.
“Team member education is one of the cheapest and yet most effective means of staving off these types of attacks,” Brown said. “Understand it only takes that one person to unleash that malicious software. So educating your team is to proper cybersecurity practice or proper cyber safety practice is essential.”
After two major corporations have experienced cyber attacks in the past two weeks, Brown said he thinks the use of ransomware could grow in popularity. Brown said a majority of these attacks come from people looking to make a lot of money in a short amount of time and with minimal effort.
“The idea behind most of these attacks is to look at where is the most profitable center to hit, who is the most likely to pay based upon either their lack of cyber readiness or by the sensitivity of the data,” Brown said. “Unfortunately these criminals are operating from a business mindset.”
Brown said these attackers don’t necessarily target large corporations either–many times something as simple as a phishing email opened lower in the supply chain can lead to widespread issues throughout the company. These can then have even larger effects on the community as a whole, as seen with the Colonial Pipeline gas incident.
“They immediately hit them with a demand for somewhere between four and five million dollars, because they were looking at, ‘This is an amount we think they’ll pay,’ given the timeline they’ll need to recover and how urgently they’ll need to recover because of the chaos it will cause,” Brown said.
Brown said in addition to educating team members in the workplace, companies should also inspect their cyber safety practices at home with their personal computers as well.
