Recommended reading

New York City is going all-out to tackle cyberattacks

News
By published

The New York City Cyber Critical Services center is going physical

ID theft
Image credit: Pixabay (Image credit: Future)

The New York City Cyber Critical Services, a joint government-private effort to curb cyberattacks in this US state, has moved into the physical realm, after two years in existence online.

As reported by the Wall Street Journal, the real-time operational center, designed to protect against cybersecurity threats, is located in “a lower Manhattan skyscraper”. There, members from government agencies and private businesses, 282 different partners in total, are “sharing intelligence” on potential cyber threats.

Members include the New York Police Department, Amazon, IBM, the Federal Reserve Bank, and different healthcare institutions. 

“If any city in America needs this cross-sector and government collaboration, it’s us,” Manhattan District Attorney Cyrus Vance Jr. said. According to the NYPD Deputy Commissioner of Intelligence and Counterterrorism, John Miller, a ransomware attack happens every 14 seconds, somewhere around the globe, according to research by Cybersecurity Ventures. Two in five of the victims decide to pay up, while eight in ten end up targeted for the second time.

Ransomware targeting SMBs

It’s these attacks, Miller said, that prompted the state to set up the center in the first place:

“When one major piece of critical infrastructure is under attack, they’re all under attack,” he said. “If those entities fail, all our response plans fail with them”.

Ransomware operators target organizations of all shapes and sizes, including SMBs from various industries. Most of the time, it’s a double-extortion attack, in which the operators would first download, then encrypt, all of the sensitive data found on a compromised network. 

Then, they’d demand payment in exchange for the decryption key and threaten to release/sell the data on the dark web to entice the victim into agreeing to the terms. 

SMBs that fall victim to the attack can expect loss of customers, large remediation costs and even higher fines from regulators. Organizations that deal with data on EU citizens can end up being fined 4% of their global annual turnover, or €20 million, whichever sum is greater.

Via: The Wall Street Journal

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.