Here’s an amazing — and terrifying — statistic: During the recent heightened tensions between the United States and Iran, the state of Oklahoma recognized and deterred nearly 200 million unauthorized attempts to get at its computer systems every day.
Almost as amazing: While nearly 200 million is a big jump, the state ordinarily sees an average of more than 50 million cybersorties a day.
Two hundred million cybershots across the state government’s bow would be 50 for every man, woman and child in the state. And that doesn’t start to count the number aimed at local governments, banks, news media and ordinary citizens.
Obvious conclusions Nos. 1 and 2: They’re out to get us, and they’re aiming at our laptops.
Obvious conclusion No. 3: The “they,” in the case of the sudden increase, is Iran, its proxies and allies, but there’s plenty of other bad actors out there, including criminals working out of North Korea, Russia and within our own borders.
Obvious conclusion No. 4: Most of the cyberattacks aren’t working. The electrical grid hasn’t been disabled. Our voting results haven’t been corrupted. Individuals’ tax records haven’t slipped into the hands of cyberextortionists.
For the most part. Yet.
Of course, just before the beginning of the school year, Broken Arrow schools were the victim of a ransomware attack, the sort of effort in which online criminals seek to freeze up computer systems or hold data hostage for ransom.
The district said it wasn’t going to pay ransom, and officials worked hard to wire around the cybercriminals’ efforts. The FBI was called into the case.
Obvious conclusions Nos. 5 and 6: It’s a dangerous world out there, and the only defense (short of hibernating in a completely analog world) is vigilance. Make sure your computers have up-to-date firewall and antivirus software protection. Don’t open suspicious emails that may include attachments or click links within an email from an unknown sender. Use strong passwords and vary them. Don’t be complacent. Think about what you will do if things go bad. Support the public efforts to harden national, state and local defenses against the cybercriminals.