Gov. Ned Lamont provided an update on Connecticut’s efforts to improve cybersecurity during a March 9 press conference at Fairfield University.
Lamont said that his background in telecommunications made him cognizant of the potential damage of a cyberattack.
“Our first tabletop exercise in the emergency operations center was simulated cyberattacks on a regional basis, since cyber threats don’t respect borders,” he recalled. “It was a simulation of an attack on natural gas systems in Massachusetts, which would have an impact on the grid in Connecticut and beyond.”
Lamont credited that exercise, which included governors from across the region, with laying some of the groundwork for Covid response across state lines in the region. He also emphasized that the demand for cybersecurity experts is growing across Connecticut, with a need for more experts not just employed by the state but by individual firms. Roughly 500 openings for various cybersecurity roles are expected statewide by the end of the year, he added.
Mark Raymond, the state’s chief information officer, joined Lamont to emphasize the need for ongoing vigilance against cybercrime, likening it to the pandemic.
“Today’s topic is a bit like Covid-19,” Raymond said. “It’s going to be with us for some time. The difference between cyber security risks and the pandemic though is the pandemic appears to be getting better.
“The threats to cybersecurity continued to grow,” he added. “So, what do we do for the businesses that we run and the risks they continue to rise? We doubled the strategy. We put great people on the effort. We improve those things in our control and then do it again the next day.”
Raymond also observed that more than 200 denial of service attacks on public websites were stopped by the state in the past year. One of them, directed at an unnamed high school in the state, lasted for as many as 112 days.
Staying Vigilant for Possible Attack
Separate from the press conference, Bob Thomas, chief information security officer at Trumbull-based Kyber Security, cautioned that the numbers cited in the conference may not tell the whole story.
“The tough part about the quoted statistics is that there are many more cyber-attacks that are not reported, or even undiscovered, as the average breach goes 187 days unnoticed,” Thomas said, whose company was founded in Fairfield 35 years ago and has provided cybersecurity services and consulting for clients throughout the region since its inception.
“When situations such as the current one with Russia occur,” Thomas noted, “it seems that activity by threat actors, nation state and otherwise, increases threatening all types of organizations in all business sectors. The advice that I give the people is to make sure that they are vigilant about educating their employees and implementing controls to protect their data.”
According to Thomas, the two steps every business should take — if they haven’t already — are enabling multifactor authentication wherever possible and ensuring all operating systems are up to date and paired with business grade antivirus software.
“Without multifactor authentication it is a question of when you will get hacked, not if,” Thomas stressed.
Multifactor authentication, also known as two-factor authentication and 2FA or MFA, sends a message to a trusted email or phone when a login is attempted with a one-time code. It adds another step to logging in, but it makes unauthorized access easier to catch and complicates a hacker’s work considerably.
Built-in antivirus and firewall software is not up to the task of protecting a business, Thomas said. New viruses and techniques are developed every day, so he highlighted the importance of frequently updated software that will auto-install new patches.
Above all though, staff needs to be aware of what to look for, since one person falling for a trick can circumvent the best technological defenses in the world.
“If something smells funny,” Thomas said, “stop and check.”