The town of Ardmore faces a growing cybersecurity threat
In 2021, the town of Ardmore received and blocked over 1.2 million cyberattacks. These attacks have recently dramatically increased in frequency. In fact, in the first nine weeks of 2022, the city has already seen more cyberattacks than in 2021 with over 1.3 million attacks and counting.
Ardmore Chief Information Officer Robert Newell spoke to the Ardmore City Commission about the matter on Monday evening. He said the attacks are unlikely to slow down any time soon, the best way to prevent a successful attack is to remain vigilant.
Often, cyberattacks come in the form of emails.
“Since January 1, the town of Ardmore has received 3,684,920 emails, or about 55,832 a day,” Newell said. “Only about 1,831 (per day) are real. The rest are fake and trying to get information from us. We filter an exorbitant amount of emails trying to protect what our employees see every day.”
Continued:Main Street Authority moves to new premises
He said a recent form of email attacks came from hackers claiming to be City Manager Kevin Boatright.
“They’ll find out that a new city manager has arrived and they’ll immediately start tracking down all the department managers,” Newell said. “They’ll send emails to managers claiming to be the new city manager, and they’ll try to get employees to change policies or redirect deposits.”
To help keep employees alert, the city emails all staff once a month to test whether or not the employee might be scammed.
“Some of these emails are very well crafted,” Newell said. “If you’re in the finance department, there might be something with financial information trying to trick you. If you’re in the IT department, there will be technical information.”
Employees who do not pass the test and follow the instructions in the email receive additional training on how to recognize fraudulent emails, but this happens less often than in the past. When the email testing program started, employees were fooled 47% of the time. The number is now less than 1%.
Continued:How much do houses for sale in Ardmore cost? Strong demand keeps real estate market competitive
Newell said one of the best ways for the city and individuals to prevent cybercrimes is to have strong passwords on all accounts. If a password consists entirely of numbers, hackers can almost instantly gain access to the account even if the password has up to 11 numbers. Even passwords containing numbers and upper and lower case letters can be instantly cracked if the password length is less than six characters.
“The best thing to do is to have a password with numbers, upper and lower case letters, and a special character,” Newell said. “A 10-character password meeting these conditions would take 330 years to crack, and that number grows exponentially as the password gets longer.”
Newell encouraged the public to be vigilant about their own cybersecurity, as many people have had their email addresses leaked in data breaches. Sometimes the panties even contained both the email address and the password. He suggested visiting the www.haveibeenpwned.com website to see if your personal or work email address has been compromised. The website also has a feature to detect compromised passwords. If your email address or password appears, it said to create a new password immediately.