HARTFORD, CT — Connecticut is taking a leading role in actively fighting back against cybersecurity attacks, according to state officials.
Gov. Dannel P. Malloy said the state receives daily reminders that “we are living in a time of cyber-insecurity.”
At a Capitol press conference Monday, Mark Raymond, chief information officer in the Bureau of Enterprise Systems and Technology, said state government websites receive a total of 4.8 billion visits per month and about 42 percent of that traffic is “not authorized.” That’s about 2 billion visits being blocked because it’s coming from known malicious Internet protocol addresses or threat signatures.
But there’s so much that is unknown.
“Cybersecurity is a team sport. There’s no one person is responsible for cybersecurity,” Raymond said.
According to the 39-page report on Connecticut’s cybersecurity strategy, the state receives close to 38 million emails per month, of which about 85 percent are blocked by the enterprise email gateway system. In a typical month, state anti-virus protection catches about 2,400 malware infections before they install. Despite this protection, state third-party monitoring detects an average of 66 infected or compromised state systems per month.
“As a target, the State of Connecticut, like all states, is a prize, because it is a trove of data that can be exploited or sold. Due to its responsibilities for revenue collection, law enforcement, public health, including Medicare and Medicaid, among many other things, the state has information on virtually all 3.5 million residents and health records for about 1.2 million,” the report states.
But the cybersecurity strategy released Monday was about more than the state of Connecticut. It was about making everyone aware of the threats.
Malloy said national intelligence officials and the federal government are doing their part but state government and the private sector need to step up their role in preventing these attacks. He said that’s why he called for the report a year ago when he created the position of Chief Cyber Security Risk Officer.
Art House, the man he appointed to the position, said no other state is putting together a cybersecurity strategy as “comprehensive and complete” as Connecticut’s.
He said the federal government and other governments have shown interest in Connecticut’s strategy.
“The cyber threat is global,” House said. “But it’s essential that states become part of our defense.”
Connecticut is unique in that it has a high concentration of insurance companies and defense companies, which are often targets of these types of attacks.
There’s also the threat of an attack on Connecticut’s infrastructure, such as its electric grid.
House said Connecticut has been asked to work with Ukraine and Estonia and some of the Black Sea states. He said they are also working with the U.S. State Department and the U.S. Intelligence community in their efforts to develop a strategy.
“We’re trying to change Connecticut’s cybersecurity culture,” House said.
He said the Internet like the automobile changed our world forever and there’s no going back.
He said cybercrimes are the fastest growing crime in the United States right now.
“A prolonged absence of the services of our critical infrastructure present a whole new order of threats to the state,” House said. “This is new. This is not a more powerful hurricane or an ice storm … We cannot wait for disaster to take this seriously.”
He said they need to rehearse because there will be an attack on critical infrastructure like the electrical grid.
House said they’ve been meeting with officials from the four largest utilities for electricity, gas, and water and have increased their defenses against any attack over the past two years.
Officials from those utilities have agreed to come up with an annual plan assessing the threats and agreed to meet to discuss them.
Within the next few months, Malloy said they will be publishing a more explicit cybersecurity action plan to execute the strategy they unveiled Monday.
They also published a website with resources for residents concerned about cybersecurity.
Asked who should be concerned, Department of Emergency Services and Public Protection Commissioner Dora Schriro said everyone should be concerned.
She said people need to use different passwords for important accounts and change their passwords. She said they also need to update their security and antivirus software. And they should be wary of anyone trying to get them to click on a link when the sender of the email is unknown to them.
She also asked that residents call state or local police to let them know about any suspected cyber crimes.