A top New Jersey cybersecurity official warned that the state’s government agencies, schools and companies are becoming more vulnerable to attacks from hackers and other cyber criminals and must take greater measures to thwart further threats to their computer networks.
This warning came from Michael Geraghty, director of New Jersey Cybersecurity and Communications Integration Cell, who spoke to an audience attending technology solutions provider MRA International’s annual networking event on July 12 in Long Branch.
He said that the state’s public and private sectors are “one mouse-click away” from a disastrous event, unless they use the proper security policies and procedures required to reduce potential data breaches.
Geraghty’s message on cybersecurity is a timely one, as criminal activity on computer networks continues to grow at an alarming rate in New Jersey and elsewhere across the country and the world.
Credit card and bank account details, medical records and other confidential and personal information are being stolen at an increasing rate because of a lack of proper anti-hacking software, employees unknowingly opening e-mails and clicking on content created by hackers to give them access to data, and other ways that threaten data security.
The United States had the most data breaches of any country, according to one industry statistic. There were 1,013 data breaches reported in the U.S. in 2016, with the UK placing a distant second with 38 breaches the same year, according to a report by the Identity Theft Research Center.
In New Jersey, there have been numerous cybercrime incidents involving companies and governmental entities.
In one instance, cybercriminals duped a New Jersey company into transferring of $800,000 into their bank account, instead of one that the company believed to be set up for a legitimate business transaction, according to Geraghty.
New Jersey’s law enforcement agencies also have been vulnerable to cybercrime. More than 20 New Jersey police departments were hacking victims in the past year, Geraghty said.
Phishing attacks, a fraudulent practice to get access to pass codes and other sensitive information, are also occurring with increasing regularity. For example, hackers have been aggressively targeting the state’s treasury department to obtain employees’ emails that could be used to “get into the coffers of the state,” Geraghty noted.
More rigorous cybersecurity policies and procedures are needed to help minimize the amount of damage caused by those who seek financial gain or to create other kinds of havoc. Many organizations are often lulled into a false sense of security that they have the ability to prevent a cyber attack, only to discover weeks or months later from law-enforcement agencies or another third party that their systems were breached, Geraghty said.
Most, if not all, attacks occur as a result of giving cybercriminals the opportunity to swiftly enter and exit a system. “By providing them the opportunity, it’s like leaving the keys in the ignition a car while it’s running,” Geraghty noted.
To reduce the possibility of falling victim to cybercrime, Geraghty recommended frequent testing of a system’s vulnerability to attacks, training employees and other system users on preventive measures, and establishing other safeguards.
Increased cooperation among state and federal government agencies to improve cybersecurity in recent years also is seen as a deterrent to curb breaches and other criminal activity. “If we work on sharing information, we have a better chance of protecting ourselves,” Geraghty said.