NC officials using new technology to stop cyber and ransomware attacks

Investigators

RALEIGH, N.C. (WNCN) — With cyber and ransomware attacks growing, North Carolina is trying to help stop them using a combination of new technology and proactive measures.

Cyberattacks are no stranger to North Carolina agencies. In the last two years, the state’s Joint Cybersecurity Task Force responded to 40 incidents — 19 of them ransomware attacks.

Friday, the task force outlined its efforts to prevent those attacks in a meeting with the State Emergency Response Commission.

The task force says it offers municipalities and other public agencies free cyber hygiene assessments as well as offering to do a so-called penetration test to see where systems may be vulnerable to hackers.

If an agency is hacked, the task force will deploy a special jump team.

“The N.C. National Guard will send in three people,” said LT. Col. Seth Barun. “It’ll be an incident response lead, a threat hunter and a forensic analysis person.”

If it’s a larger incident — the response will include additional people.

Barun said many of the attacks involve rural municipalities.

“They’re targets of opportunity,” he said. “They have less than ideal security and become easy targets.”

Getting into a system is relativity easy for the bad guys, according to a Raleigh-based cybersecurity expert.

Rob Downs of Managed IT Solutions said the biggest threat right now comes from the simple phishing attempt.

“The vast majority of threats that come in are still through email,” he said. “That’s the biggest gotcha.”

The best way to stop phishing emails is relatively simple, check back with the sender, but do it by using this technique.

“Don’t hit reply,” said Downs. “Start a new email because if you reply to that email, it will go back to the bad actor.”

Before a ransomware attack happens, the bad guys may hide in a computer system for a month or more to assess its vulnerabilities.

To try and thwart that, the state is now offering free hardware that’ll check for suspicious activity.

“It’s a physical device that goes inline in the network and looks for malicious traffic and blocks that,” said Cybersecurity Task Force head Tom McGrath.

After watching the online stream of Friday’s video conference, cybersecurity expert Downs lauded the state’s efforts to make agencies more cyber-secure.

“Everything they had in there was mostly stuff that could be enacted without additional cost,” he said. “They were hitting the basics because unfortunately a lot of people don’t do them.”

Cybersecurity experts like Downs say that lack of awareness about basic cybersecurity procedures is why so many hackers can get into systems.

That is also why experts recommend cyber training for everyone using a computer system, because they say, it takes just one mistake to allow a hacker into your server.

Copyright 2021 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Trending Stories

Click here for full list of trending stories