Dive Brief:
- Small businesses and local government agencies face considerable risks of ransomware and other malicious cyberattacks, federal and state officials warned in testimony during a Michigan field hearing before the House Subcommittee on Intelligence and Counterterrorism Tuesday.
- Threat actors have launched ransomware and other cyberattacks against Michigan school districts, colleges, small towns and businesses in recent years. U.S. Secret Service agents from the Detroit field office recently recovered almost $5 million following a business email compromise investigation, according to written testimony from Department of Homeland Security officials.
- Subcommittee Chairwoman Elissa Slotkin, D-Mich., said hackers target the state of Michigan’s servers more than 90 million times a day, citing data from the state’s chief information officer.
Dive Insight:
The hearing in East Lansing, Michigan, was designed to drive home the considerable cybersecurity risks faced by small towns, county governments and Main Street businesses across the U.S. While Michigan was the focus, the testimony is an example of the cyberattacks organizations are seeing across the country.
Unlike Colonial Pipeline or JBS USA, many state and local organizations lack the funding or personnel to staff their own security operations center. It's also costly to hire a sophisticated incident response team and maintain a 24/7 security operation that can protect critical data.
“No matter how big an organization you are, the smallest cyber vulnerability can be damaging,” Iranga Kahangama, assistant secretary, cyber, infrastructure, risk and resilience policy at the DHS Office of Strategy, Policy and Plans, testified at the hearing.
Kahangama was a key figure in the federal response to ransomware attacks against Colonial, one of the nation’s leading fuel distributors, and JBS, one of the largest meat suppliers in the U.S.
The hearing was also designed to alert small business and local government officials about the resources available from federal and state government agencies that can help with mitigation and response against sophisticated attacks.
The Cybersecurity and Infrastructure Security Agency has advisors in almost every state in the U.S., including two in the state of Michigan, Matt Hartman, deputy executive assistant director at CISA, said during the hearing.
Hartman pointed to four basic security measures every organization should implement to protect sensitive data from ransomware and other cyberattacks:
- Implement multifactor authentication
- Maintain offline encrypted backups
- Create an incident response plan
- Report cybersecurity incidents to CISA (or the FBI)