MYRTLE BEACH, SC (WBTW) – Municipalities in South Carolina can be an easy target for cyber attacks, underscoring the need for a security infrastructure months after large-scale hacks shed light on the problem.
“It’s important for organizations to protect themselves from these attacks because everything now involves computers,” said Ryan Truskey, deputy director of information security for the South Carolina law enforcement division. “It’s something every organization needs to protect. “
Truskey said there was “a high level” of incidents with state, government, healthcare and financial institutions being the primary targets of cybercriminals. What makes these attacks even more common, he said, is that municipalities can be seen as easy prey.
“Cyber attacks are something that happens all day, every day, all night, and when we are protecting against cyber attacks,” Truskey said, also noting that network security applications block many low-level attacks. .
In January, Georgetown County experienced a “major infrastructure breach” following a “very sophisticated attempt” that “most people would have mistaken for legitimate email,” which impacted online systems such as email and GIS, officials say. The attackers demanded a large amount of cryptocurrency as ransom, which officials refused, choosing instead to rebuild his system entirely. These types of attacks are often linked to terrorist organizations, the county said, and there is no guarantee that cybercriminals will follow through on their promises to restore systems.
The stolen data, including the social security numbers of some employees, was later released by DoppelPaymer, a ransomware gang.
The Georgetown County system is back up and running, according to Jackie Broach, Georgetown County public information officer.
Prior to the incident, Broach said IT staff trained employees on how to identify and avoid cyber attacks. This training continues and the county has implemented additional security measures such as improved threat detection, two-factor authentication, and cloud-based messaging and document systems.
In May, the Colonial Pipeline, which carries 45% of all fuel consumed on the East Coast, had to temporarily suspend all pipeline operations following a successful attack, causing massive panic at pumps in South Carolina at the time. that people were rushing to fill their vehicles.
A July report from North Myrtle Beach shows the city has blocked at least 255,000 web attacks and quarantined and / or blocked more than 90,000 emails. News13 has contacted the city for more information. A spokesperson said “the City is refusing to participate” and said its protocol is not to discuss security measures.
The South Carolina Critical Infrastructure Cybersecurity Task Force, or SC CIC, was established by former Governor Nikki Haley and was formed by Governor Henry McMaster with the goal of creating a task force responsible for investigate state infrastructure. The task force is made up of agencies such as the Office of Homeland Security, the FBI, the US Secret Service, the National Guard, State Emergency Management, and the Election Commission, among others.
Truskey said this is a high priority topic for SLED. With the speed with which technology is changing, he said, it’s hard to stay up to date. The systems must be functional, but also secure.
More recent attacks have targeted supply chains and shown that agencies can no longer trust software to block cybercriminals.
“User training is extremely important, and one of the things we offer at SC CIC is training in this space,” said Truskey.
A successful attack can cost agencies both money and reputation and can lead to legal action, depending on the type of information disclosed.
Truskey said the Georgetown County violation was reported to the task force and dealt with at the county level. This attack, he said, is similar to others he has seen. Truskey said the county was not a member of the SC CIC program at the time, but has since joined.
The program is opt-in and currently used by over 100 agencies around the state. It offers free services like training and system audits. Part of his initiatives include sending 15 emails similar to the attacks he has seen circulating, then will receive training on how to work safely from home and how to identify fake text messages. .
Working from home during the pandemic, Truskey said, can be risky for safety.
“This creates a lot of challenges because organizations used to have everyone on their network and in place on their network to protect these users,” he said. “Now these users have returned home and are using their home networks, where the same security services don’t apply. “
He said organizations can prevent attacks by educating users and cleaning up systems. It encourages non-participating agencies to join the SC CIC program, which will help share information and lessons that can help prevent future violations.
“At least we’re a second pair of eyes to increase the security they already do in their agency,” he said.