State seeks to aid cities, towns with cybersecurity issues

As cyber criminals hijack public computer systems nationwide, Massachusetts aims to protect cities and towns from attacks while leveraging the local high-tech industry’s resources, a top state cybersecurity official told municipal leaders at a Sept. 10 meeting at the State House.

During a meeting of the Local Government Advisory Commission, Stephanie Helm, director of the newly created MassCyberCenter, outlined the state’s efforts to safeguard computer infrastructure. She pointed to the state’s first Cybersecurity Week in mid-October and an Oct. 16 conference at Nichols College to help municipal officials assess their computer security needs.

“This is where we are starting to focus more, about trying to look at how can we raise all boats within Massachusetts so that we’re all more cybersecure and aware of the issues, and taking actions that we can to sustain our safety and our economic prosperity for the state,” Helm said.

The Massachusetts Technology Collaborative established the MassCyberCenter after Gov. Charlie Baker traveled to Israel in 2016 and recognized the need to enhance cybersecurity, Helm said. According to Helm, major threats include ransom attacks on computer systems, intentional or accidental actions by employees, state-sponsored attacks, attacks by criminals, efforts to create political uncertainty, and attacks on critical infrastructure.

Helm said her center has two areas of focus: enhancing cybersecurity resiliency and capitalizing on the state’s proximity to companies that are developing cutting-edge security technology. Goals include encouraging development of high-tech workers and IT professionals, conducting academic outreach, and supporting research and development.

Among its first tasks, the center established the Cyber Resilient Massachusetts Working Group, a collaboration of more than 45 private and public sector entities to help municipalities and critical institutions protect sensitive data, increase cybersecurity awareness and respond to threats.

Within that effort, Helm said, subgroups are working on a Massachusetts Cyber Incident Response Plan, tabletop exercises to help officials run through scenarios, and issues affecting municipalities. The working group also plans to form another subgroup to focus on the protection of critical infrastructure.

From Oct. 15 to Oct. 18, Massachusetts will hold its first Cybersecurity Week, an effort to highlight ongoing efforts and to raise public awareness. During that week, Nichols College in Dudley will hold a Cyber Adversaries conference, where speakers will address topics from academic, practitioner and law-enforcement perspectives, Helm said.

On Nov. 13, the National Governors Association will hold a policy workshop with state officials to help them maximize existing cybersecurity efforts, Helm said. Experts selected by the association will help the Commonwealth tailor its support to the state’s 351 cities and towns.

At the LGAC meeting, local officials shared their experiences with cybercrime, and the lessons learned. Gardner Mayor Mark Hawke said his city used a state Community Compact IT grant to help move its computing to the cloud and back up its data more aggressively. The change paid off when cybercriminals tried to hold Gardner’s system hostage for a ransom.

“We’re backed up, like, every minute,” Hawke said. “So when they did the ransomware, we said, ‘OK, that’s fine,’ and we lost a minute’s worth of data.”

New Bedford Mayor Jon Mitchell discussed his city’s “long summer with ransomware,” and its recovery efforts after someone attacked the city’s system in July and demanded $5.3 million to decrypt it. Mitchell said the attack didn’t affect services provided to the public and hit only about 4% of the city’s 3,500 computers. The main problem was getting the encrypted data back, he said.

While the city stalled the attacker with negotiations, it purchased new anti-virus software, decrypted what it could, and reconstructed the rest of its data from backup servers. Quick actions by the city’s information systems staff prevented worse damage, Mitchell said. He urged other cities and towns to be vigilant.

“We’re in an arms race with the bad guys out there, and most of them operate outside the reach of law enforcement,” Mitchell said.

Communities should consider spending more time and money on employee training and cybersecurity upgrades, he said.

“It’s serious stuff, and it’s not going to get easier anytime soon.”

For more information about Massachusetts Cybersecurity Week, visit masscybercenter.org/masscyberweek. For more on the Oct. 16 conference at Nichols College, visit pages.nichols.edu/cyber-adversaries.