RALEIGH, NC (WNCN) – With cyber and ransomware attacks on the rise, North Carolina is trying to stop them with a combination of new technology and proactive measures.
Cyber attacks are no stranger to North Carolina authorities. In the past two years, the state’s Joint Cybersecurity Task Force has responded to 40 incidents – 19 of them ransomware attacks.
RELATED: Practice Good “Cyber Hygiene” To Avoid Ransomware Attacks, Says One Expert
On Friday, the task force presented its efforts to prevent these attacks at a meeting with the State Emergency Response Commission.
The task force says it is offering municipalities and other public institutions free cyber hygiene assessments and a so-called penetration test to see where systems could be vulnerable to hackers.
If an authority is hacked, the task force sets up a special jump team.
“The NC National Guard will send three people,” said LT. Colonel Seth Barun. “There will be an incident response leader, a threat hunter, and a forensic analysis person.”
If the incident is major, the response will include more people.
Barun said many of the attacks target rural communities.
“They are targets of opportunity,” he said. “They have less than ideal security and become easy targets.”
According to a Raleigh-based cybersecurity expert, breaking into a system is relatively easy.
Managed IT Solutions’ Rob Downs said the biggest threat right now comes from a simple phishing attempt.
“The vast majority of incoming threats are still email,” he said. “That’s the biggest pitfall.”
The best way to stop phishing emails is relatively simple. Contact the sender, but use this technique.
“Don’t hit ‘reply,” said Downs. “Start a new email because if you reply to this email it will go back to the bad actor.”
Before a ransomware attack takes place, the bad guys can hide in a computer system for a month or more to assess its vulnerabilities.
To prevent this, the state is now offering free hardware that checks for suspicious activity.
“It’s a physical device that goes on the network and looks for and blocks malicious traffic,” said Tom McGrath, head of the cybersecurity task force.
After watching the online stream of Friday’s video conference, cybersecurity expert Downs praised the state’s efforts to give authorities more cybersecurity.
“Everything they had in there was mostly stuff that could be implemented at no additional cost,” he said. “You got the basics because unfortunately a lot of people don’t do them.”
Cyber security experts like Downs say that a lack of awareness of basic cybersecurity practices is what allows so many hackers to break into systems.
For this reason, experts recommend cyber training for anyone who uses a computer system because they say it only takes one mistake for a hacker to break into your server.