You’re sitting at work one day when your phone rings.
The caller informs you that they work with Microsoft, and they need to remotely log into your computer to update an important file. Looking to put the call behind you and move on with your work day, you agree and give them all the information they need to do so.
Unbeknownst to you, however, the call was a scam, and now those same scammers have you — and your data — in their clutches.
“Believe it or not, that particular cyberattack has been around for the last 15 years, but there’s still individuals who fall victim to it because the people call and they come across as fairly believable,” said Todd Link, chief risk officer at Dupaco Community Credit Union. “You don’t answer the phone expecting it to be a bad actor.”
The frequency and sophistication of such cyberattacks have risen in recent years, Link explained, as technology has evolved into a near-ubiquitous tool for individuals and businesses.
Some scams are tried-and-true classics while other attacks are so subtle that they can be nearly impossible to detect — an evolution and variety that has necessitated a change in behavior for tri-state businesses small and large looking to keep their data secure.
“Nobody is immune to an attack,” Link said. “It’s small businesses, big businesses and individuals. Education around (cybersecurity) is more important than ever.”
TC Networks recently responded to that need by designating Timothy Krieger as the Platteville, Wis.-based company’s dedicated cybersecurity engineer. The IT company works with a variety of clients in the public and private sectors.
Krieger previously worked at the company as a network engineer but took on his more dedicated cybersecurity role six months ago as the company recognized the growing number and complexity of cyberattacks.
“There are different cyberattacks happening pretty much every day,” Krieger explained. “Cybersecurity has always been a part of our day-to-day focus but it just became clear we needed someone who was dedicated to sitting down and reviewing those threats.”
Krieger reviews possible or reported hacking attempts from TC Networks’ clients and works on educational programing for business and municipal clients across various industries and sizes.
Some fixes are simple, Krieger said, such as setting up dual-factor authentication for company emails to minimize illegitimate logins. Others require more dedicated review of more nuanced network weaknesses.
Janet Adalance, IT network administrator for Delta 3 Engineering, said her cybersecurity linchpins are routine technology updates and employee education.
“It seems simple, but that’s what will protect you in the long run,” Adalance said. “When you think about these big, big cyberattacks where there’s all this money lost, it usually starts with one person clicking one bad link.”
Delta 3 has offices in Dubuque and Platteville. Workers at both receive training in how to avoid common scams, Adalance said, and are taught to be vigilant about any unprompted requests for passwords or other personal information.
Adalance then complements that education with routine security upgrades for the engineering company’s servers and other technology.
Nikki Kiefer, CEO of Sedona Staffing Services, said regular cybersecurity upgrades also have become the norm for her Dubuque-based business. In addition to in-house IT services, Sedona also purchases external protection and insurance plans for its data.
The company hasn’t had any issues with hacking, Kiefer said, but still seeks regular cybersecurity upgrades as a precaution since the employment agency handles a lot of personal information for its clients and job seekers.
And that protection comes at a cost.
“Added protection means added costs,” Kiefer said. “You have no choice. You have to get those things in place but the cost for some of the policies are just crazy.”
According to IANS, a Boston, Mass.-based business-consulting firm, cybersecurity made up a steadily growing proportion of total IT costs between 2020 and 2024. In 2023, it accounted for roughly 12% of businesses’ total IT budget nationwide, up from 8.6% in 2020.
As a result, the cybersecurity job market is booming and several tri-state area organizations are working to meet the need.
University of Wisconsin-Platteville this year marked the reopening of its state-of-the-art cybersecurity lab after a recent renovation. The lab was built for students of the university’s dedicated cybersecurity program, which launched in 2020 and has experienced rapid growth.
“We started with only a handful of students, but this year we have 106 students in the program,” said Yan Shi, interim chair of UW-P’s computer science and software engineering department. “That’s directly caused by the dramatic increase in demand for cybersecurity experts.”
The lab is set up similar to a typical computer lab, Shi explained, but with the capacity to teach students a variety of cybersecurity-specific courses in network security, software development and “ethical hacking.”
The latter course teaches students how to understand hacking basics so they can counteract hacking efforts from bad actors, Shi explained. The goal is for students to graduate ready to tackle any cybersecurity concern.
“Computers are everywhere. Networks are everywhere. Everything is on the cloud nowadays,” she said. “This technology has penetrated everybody’s daily life, and that’s brought a lot of good things, but it’s also increased opportunities for hackers to attack.”