Governor Ned Lamont provided an update on Connecticut’s efforts to improve cybersecurity during a March 9 press conference at Fairfield University.
Lamont said his background in telecommunications made him aware of the potential damage from a cyberattack.
“Our first tabletop exercise at the emergency operations center was to simulate cyberattacks on a regional basis, because cyberthreats don’t respect borders,” he recalled. “This was a simulated attack on natural gas systems in Massachusetts that would impact the Connecticut grid and beyond.”
Lamont credited this exercise, which included governors from across the region, with laying some of the foundation for the Covid response across state borders in the region. He also pointed out that the demand for cybersecurity experts is growing across Connecticut, with a need for more experts not only employed by the state but by individual companies. About 500 openings for various cybersecurity roles are expected across the state by the end of the year, he added.
Mark Raymond, the state’s chief information officer, joined Lamont in emphasizing the need for continued vigilance against cybercrime, likening it to the pandemic.
“Today’s topic is a bit like Covid-19,” Raymond said. “It’s going to be with us for a while. The difference between cybersecurity risk and the pandemic is that the pandemic seems to be getting better.
“Cybersecurity threats have continued to grow,” he added. “So what do we do for the businesses we run and the risks do they continue to increase? We doubled down on the strategy. We put great people to the effort. We improve those things under our control, and then we do them again the next day. »
Raymond also observed that more than 200 denial of service attacks on public websites have been stopped by the state in the past year. One, directed to an unnamed high school in the state, lasted up to 112 days.
Stay alert for a possible attack
Outside the press conference, Bob Thomas, head of information security at Trumbull-based Kyber Security, warned that the numbers quoted at the conference may not tell the whole story.
“The difficult part of the statistics cited is that there are many more cyberattacks that go unreported, or even undiscovered, because the average breach goes 187 days undetected,” said Thomas, whose company was founded in Fairfield. 35 years ago and has provided cybersecurity services and advice to clients across the region since its inception.
“When situations such as the current one with Russia occur,” Thomas noted, “it seems like the activity of threat actors, nation states and others, increases, threatening all types of organizations in all My advice to people is to make sure they are vigilant about training their employees and having controls in place to protect their data.
According to Thomas, the two steps every business should take — if they haven’t already — are to enable multi-factor authentication where possible and to ensure that all operating systems are up-to-date and combined with professional-grade anti-virus software.
“Without multi-factor authentication, it’s about when you get hacked, not if,” Thomas pointed out.
Multi-factor authentication, also known as two-factor authentication and 2FA or MFA, sends a message to a trusted email or phone when a login attempt is attempted with a one-time code. This adds an extra step to login, but makes it easier to detect unauthorized access and makes the hacker’s job much harder.
Built-in antivirus and firewall software aren’t up to the task of protecting a business, Thomas said. New viruses and techniques are being developed every day, so he stressed the importance of frequently updated software that will automatically install new patches.
Most importantly, staff need to know what to look for, because someone who falls into the trap can circumvent the world’s best technological defenses.
“If anything smells weird,” Thomas said, “stop and check.”