We all know October is the month of scary movies, corn mazes, and Halloween costumes, but did you know that it’s also the month of Cybersecurity Awareness? The threat of cyber-attacks is certainly no joke, especially when it comes to video surveillance. But cybercriminals aren’t just after surveillance footage; infiltrating a surveillance system may grant a hacker the ability to compromise an organization’s entire IT network.

Here are seven spooky facts about cybersecurity that every security professional should keep in mind:

1) A more connected world means more attackers

The world is more connected than ever with the number of internet-connected devices rising every year. However, increased connectivity comes with a cost: more targets for hackers. In fact, Online Trust Alliance named 2017 “the worst year ever in data breaches and cyber-incidents around the world.” By installing surveillance solutions that detect and defer infiltration, security professionals can maintain the safety of business assets through the use of intelligent features such as Analytic Overlay and Pelco Camera Link.

2) Cyber-attacks come with a hefty price tag

Data breaches and other forms of cyber-attacks affect businesses, employees, and consumers around the globe. This can result in civil lawsuits, fines, productivity loss, and even damaged company reputations. In the U.S. alone, cyber-attacks cost the economy between $57 and $106 billion in 2016, according to an estimate by the White House Council of Economic Advisers.

3) Video evidence is an attractive target

Preventing and sabotaging video evidence of criminal activity are common reasons hackers infiltrate surveillance systems. If such systems are unprotected from vulnerabilities, hackers can deactivate cameras or replace evidence-rich video with irrelevant footage. To demonstrate how vulnerable surveillance cameras are to cyber-attacks, a researcher in Argentina recently showed that he could remotely hack into thousands of such devices around the world.

4) They don’t just want video evidence

A video surveillance system can also be a convenient entry point for cybercriminals to gain access to other servers in the organization’s IT network and get their hands on valuable data such as credit card information, social security numbers, and even closely guarded trade secrets. Once hackers expose these details, it can take months or even years for businesses to recover from such data breaches.

5) Cyber-attacks don’t always come from people

Though many cyber-attacks are executed by individual or group hackers, other data breaches may also come from automated programs that scour the internet for connected devices to attack. Once compromised, the device can be used to attack other devices or systems.

6) Cyber-attacks increasingly come with ransom notes

Ransomware is a frightening new reality that every organization must address. A report by Malwarebytes found that ransomware attacks increased by 90% in 2017. A notable victim was Hancock Health, a hospital in Greenfield, Indiana that paid hackers $55,000 to recover sensitive patient data.

7) Everyone –– big and little –– is a target

Hackers aren’t just going after the big fish. A survey by insurer Hiscox found that 47% of small businesses had experienced cyber-attacks in 2017. And while larger corporations might have the resources to fend off and respond to such incidents, small organizations are often ill-equipped to respond to them effectively. The same study found that half of small businesses did not have a strategy in place to respond to an attack.

Bottom line: Handling a spooky world

The frequency and intensity of cyber-attacks may be frightening, but the situation is hardly hopeless. There are important strategies that security professionals can take to fend off hackers and protect business assets.

One of the most important principles of cybersecurity is that it is made up of people, processes, and technology. Along with personnel who are passionate about maintaining the security of the business, there must also be a constantly evolving set of measures and products that act as a protective barrier to counter the risk of cyber-attacks. Above all else, the key is constant vigilance. If security professionals make cybersecurity a top priority in every organizational decision, businesses will not only see a reduced chance of successful attacks, but they will also be in a much stronger position to deal with future breaches.