Skip to main content
close search
site logo
Dive Brief

Cash-strapped Main Street organizations face global cyberthreats

A House subcommittee hearing in Michigan helped show the persistent risks faced by local schools, government agencies and Main Street businesses.

Published June 29, 2022
David Jones's headshot
Reporter
Chip Somodevilla via Getty Images

Dive Brief:

  • Small businesses and local government agencies face considerable risks of ransomware and other malicious cyberattacks, federal and state officials warned in testimony during a Michigan field hearing before the House Subcommittee on Intelligence and Counterterrorism Tuesday.
  • Threat actors have launched ransomware and other cyberattacks against Michigan school districts, colleges, small towns and businesses in recent years. U.S. Secret Service agents from the Detroit field office recently recovered almost $5 million following a business email compromise investigation, according to written testimony from Department of Homeland Security officials.
  • Subcommittee Chairwoman Elissa Slotkin, D-Mich., said hackers target the state of Michigan’s servers more than 90 million times a day, citing data from the state’s chief information officer.

Dive Insight:

The hearing in East Lansing, Michigan, was designed to drive home the considerable cybersecurity risks faced by small towns, county governments and Main Street businesses across the U.S. While Michigan was the focus, its testimony is an example of cyberattacks organizations are seeing across the country.

Unlike Colonial Pipeline or JBS USA, many state and local organizations lack the funding or personnel to staff their own security operations center. It's also costly to hire a sophisticated incident response team and maintain a 24/7 security operation that can protect critical data. 

“No matter how big an organization you are, the smallest cyber vulnerability can be damaging,”  Iranga Kahangama, assistant secretary, cyber, infrastructure, risk and resilience policy at the DHS Office of Strategy, Policy and Plans, testified at the hearing. 

Kahangama was a key figure in the federal response to ransomware attacks against Colonial, one of the nation’s leading fuel distributors, and JBS, one of the largest meat suppliers in the U.S.

The hearing was also designed to alert small business and local government officials about the resources available from federal and state government agencies that can help with mitigation and response against sophisticated attacks. 

The Cybersecurity and Infrastructure Security Agency has advisors in almost every state in the U.S., including two in the state of Michigan, Matt Hartman, deputy executive assistant director at CISA, said during the hearing. 

Hartman pointed to four basic security measures every organization should implement to protect sensitive data from ransomware and other cyberattacks: 

  • Implement multifactor authentication
  • Maintain offline encrypted backups
  • Create an incident response plan
  • Report cybersecurity incidents to CISA (or the FBI)

Editors' picks

Company Announcements

View all | Post a press release
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
Editors' picks
Latest in Threats
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell