Assessing cybersecurity in Mississippi
JACKSON, Miss. (WLBT) - Cybersecurity is a particularly hot topic right now... especially in light of recently large and public ransomware attacks.
Ransomware is something the FBI says is a constantly evolving threat.
“The most likely targets are anything that’s going to affect our daily lives in costing people some kind of stress,” explained Steven Chambers, Assistant Special Agent in Charge of National Security at the FBI Jackson Field Office. “It started out years ago, frankly, but we saw it across the medical field, walking down records, walking at the hospital. Insight with school systems and now we’re starting to see it on infrastructure type things like the gas pipeline.”
And they investigate more cases than you might hear about.
“It generally wasn’t something that was understood unless you were affected by it, and a company would send out emails saying our business system was compromised,” added Chambers.
But they’ve now seen hackers wanting the notoriety and making it public when they force the attack to drive up the potential pay out.
”Ransomware is basically your old style, years back kidnappings,” said Chambers. “They continue to grow and be more prevalent because they demand a ransom and they can’t unlock or use their systems unless they pay out. And we’re in a position where we can’t unlock them either. So, it turns into a long term issue that’s gaining more notoriety and more foothold in society.”
State Auditor Shad White raised the red flag on securing information housed at state agencies with a report in 2019.
“A lot of sensitive, personal information is held on these computers and the last thing we want is for that to be made public,” White notes.
He says there are more safeguards in place at the state level now. But city government security could be in question.
“They may not have the safeguards in place. They may not be legally required to,” added White. “They may not have a backup of their system. Those kinds of places like municipalities, that’s the kind of place- it’s got a prime target on its back for these ransomware folks.”
Flowood based IT company SCS says ransomware isn’t the only potential cybersecurity threat. They work to try to better secure companies’ systems.
But they say there are some best practices you can follow to avoid exposing your data.
One, always use dual-factor authentication for passwords. Also, consider using three words that make a phrase when creating passwords. The idea is that longer passwords rather than complicated versions of numbers and characters may be less likely to be cracked. They also suggest tiered passwords.
“Social media accounts and things like that use one type of password. For banking and for anything financial is a separate type of password you don’t use anywhere else,” said Brian Clark, SCS Chief Technology Officer and Chief Information Technology Officer. “Tiering those passwords can help. It’s not a matter of if but you’re going to have your password on websites. That website’s going to get compromise. Somebody’s going to get in that database and crack that password.”
Clark notes that frequent training is important for company employees so they know not to click on unexpected links or downloading apps to their phones while connected to the network. Those apps are sometimes not legitimate as they may seem.
“The cost of an attack is always going to outweigh the cost of simply putting in the right, was it for protection and most importantly making sure your employees are regularly trained using some type of security awareness program,” added Clark.
Copyright 2021 WLBT. All rights reserve