Hawaii’s risk of cyberattack ranks No. 1

Select an option below to continue reading this premium story.

Already a Honolulu Star-Advertiser subscriber? Log in now to continue reading.

Get unlimited access

From as low as $12.95 /mo.

Subscribe Now

Hawaii residents are more likely to become victims of cyberattack than any other state in the union, according to a newly released study.

The state sits at the top of the rankings by Security.org in part because of a huge 136.4 percent increase in the rate of cyberattacks per 100,000 people, according to FBI data.

The study — called “Which States Are at Highest Risk for Cyberattacks?” — includes FBI data on cyberattacks, state spending figures on cybersecurity and assessments of election security protocols.

California-based Security.org released the study with analysis that attempts to figure out how vulnerable states and their residents are to cyberattack.

Hawaii topped the list with a risk level four times higher than Rhode Island, which ranked lowest on the risk index.

The islands not only saw a massive increase in cyberattacks between 2016 and 2017, the study said, but had one of the country’s highest victimization rates overall.

Don't miss out on what's happening!

Stay in touch with top news, as it happens, conveniently in your email inbox. It's FREE!

By clicking to sign up, you agree to Star-Advertiser's and Google's Terms of Service and Privacy Policy. This form is protected by reCAPTCHA.

The numbers came from the FBI’s Internet Crime Complaint Center, which gathers reports from cyberattack victims, including the type of attack and how much money was lost.

The authors of the study said they not only wanted to create a snapshot of the problem, but to determine how each state was trending.

Although more than half of states saw an increase over the two years, only nine states experienced double-digit increases, with Hawaii topping the list.

The FBI’s 2017 Internet Crime Report found more than $1.4 billion in losses was reported by victims in 2017, including nearly $3.4 million in Hawaii. The amount of losses rose with the age of the victims.

Former state Chief Information Officer Todd Nacapuy said Hawaii is vulnerable because it is home to a large number of seniors who are less likely to be educated about the various cybercrimes.

“We also have a large population of people for whom English is their second language and may fall victim to these types of crimes,” Nacapuy said.

Nonpayment or nondelivery was the most common type of incident reported, followed by personal data breaches and phishing, according to the report. Causing the most damage were email exploits, confidence scams and nonpayment/nondelivery.

Hawaii also scored poorly in an election security assessment as well as for state spending, but that’s largely because the state wasn’t included in the National Governors Association report that the authors depended on.

State Chief Information Officer Doug Murdock said Hawaii was one of the few states that didn’t get their election hacked last year, and the state in general has done a great deal to protect itself from cyberthreats.

“I don’t believe the state is any more vulnerable than any other,” he said. “It’s a growing threat, and it’s something we must invest in.”

Murdock said a change in philosophy has prompted a $3 million budget request to the state Legislature to pay for new cybersecurity software. He said officials want to move away from hardware pieces to more flexible software protections that will allow the state’s cybersecurity to more easily evolve to changing threats.

Nacapuy said there are a few things people can do protect themselves online, including enabling “multifactor authentication” for all accounts, including banking.

Also be aware that no financial institution would ever call and ask for personally identifiable information or payment over the phone, Nacapuy said.

In addition, consider signing up for cybermonitoring that works similarly to credit monitoring, he said.