AG Yost calls computer security a recurring cost

By LOU WILIN

STAFF WRITER

Businesses and government agencies of all types and sizes must continually invest in computer security — or end up paying much more later — Ohio Attorney General Dave Yost warned Monday in Findlay.

“Whether we like it or not we are caught in an escalating digital arms race. Hackers invent new ways to penetrate security and we invent new defenses. And the cycle repeats and repeats and repeats,” Yost said. “We’re going to continue to see new innovations.”

The potentially huge amounts of money involved guarantees that hackers will not quit, Yost said.

Primera Blue Cross had to pay $42 million in compensation to millions of customers who suffered losses when their Social Security numbers and other information was used by hackers in 2014 and 2015, Yost said. Primera Blue Cross also was forced to spend an additional $42 million to upgrade its cybersecurity.

Equifax credit reporting agency has had to pay $425 million for restitution to its customers after its computer system was hacked in 2017, he said.

“Whether you want to or not, you’re going to pay for cybersecurity. It’s just a matter of the timing and the amount and whether it’s voluntary or mandated by a court,” Yost said. “If you suffer a cyberattack, it can cripple the ability of your company or organization to function. Secondly, it can significantly harm your company’s reputation and drive away your customers. It can harm your customers.”

Yost’s speech to local business and government leaders was sponsored by CentraComm and Hylant.

Yost also cited examples of local governments being victimized:

• Much of Licking County’s computer system was shut down by a virus in 2017, and the hackers demanded about $31,000 in ransom to get the system running again. It paralyzed court document issuing, phone systems, video visitation with jail inmates, marriage license issuances and forced the sheriff’s office to borrow laptops from the State Highway Patrol for two weeks. Licking County had to pay $50,000 to someone — not the hackers — to restore its systems.

• Jackson County, Georgia, this year reported paying a $400,000 ransom to a hacker for information it had locked down.

Hackers are not going to go away.

“Criminals are just too incentivized here to give up,” Yost said.

Criminals will keep innovating new ways to hack, so businesses and government agencies need to keep investing in security and staying vigilant.

“Cybersecurity is not something you can fix and forget,” Yost said. “It’s a recurring cost of doing business.”

Wilin: 419-427-8413 Send an E-mail to Lou Wilin

Comments are closed.