SECTION 4: RISK ASSESSMENT
4.5.13 CYBER THREAT HAZARD BACKGROUND
The State of North Carolina Hazard Mitigation Plan defines cyber- attacks as “ deliberate attacks on information technology systems in an attempt to gain illegal access to a computer, or purposely cause damage. ” Cyber-attacks use malicious code to alter computer operations or data. The vulnerability of computer systems to attacks is a growing concern as people and institutions become more dependent upon networked technologies. The Federal Bureau of Investigation (FBI) reports that “cyber intrusions are becoming more commonplace, more dangerous, and more sophisticated,” with implications for private - and public-sector networks. There are many types of cyber-attacks. Among the most common is a direct denial of service, or DDoS attack. This is when a server or website will be queried or pinged rapidly with information requests, overloading the system and causing it to crash. Malware, or malicious software, can cause numerous problems once on a computer or network, from taking control of users’ machines to discreetly sending out confidential information. Ransomware is a specific type of malware that blocks access to digital files and demands a payment to release them. Hospitals, school districts, state and local governments, law enforcement agencies, businesses, and even individuals can be targeted by ransomware. One 2017 study found ransomware payments over a two-year period totaled more than $16 million. Even if a victim is perfectly prepared with full offline data backups, recovery from a sophisticated ransomware attack typically costs far more than the demanded ransom. However according to a 2016 study by Kaspersky Lab, roughly one in five ransomware victims who pay their attackers are still not able to retrieve their data. Cyber spying or espionage is the act of illicitly obtaining intellectual property, government secrets, or other confidential digital information, and often is associated with attacks carried out by professional agents working on behalf of a foreign government or corporation. According to cybersecurity firm Symantec, in 2016 “…the world of cyber espionage experienced a notable shift towards more overt activity, designed to destabilize and disrupt targeted organizations and countries.” Major data breaches - when hackers gain access to large amounts of personal, sensitive, or confidential information - have become increasingly common. The Symantec report says more than seven billion identities have been exposed in data breaches over the last eight years. In addition to networked systems, data breaches can occur due to the mishandling of external drives, as has been the case with losses of some state employee data. Cybercrime can refer to any of the above incidents when motivated primarily by financial gain or other criminal intent. The most severe type of attack is cyber terrorism, which aims to disrupt or damage systems in order to cause fear, injury, and loss to advance a political agenda. The FBI is the lead federal agency for investigating cyberattacks by criminals, overseas adversaries, and terrorists. In North Carolina, the Department of Information Technology is the lead agency that maintains Cybersecurity and Risk Management resources. The North Carolina State Bureau of I nvestigation’ s Computer Crime Unit helps law enforcement across North Carolina solve sophisticated crimes involving digital evidence.
Warning Time: 4 – Less than six hours
Duration: 4 – More than one week LOCATION
Cyber disruption events can occur and/or impact virtually any location where computing devices are used. Incidents may involve a single location or multiple geographic areas. A disruption can have far-reaching
Wake County, NC Multi-Jurisdictional Hazard Mitigation Plan
WSP June 2024 Page 244
Made with FlippingBook interactive PDF creator