State information technology officials have strengthened their defenses against hackers and cybercriminals who attack their computer networks millions of times a day, but admit they’re not fully prepared for increasingly complex threats that could expose the personal information of their residents. A report by the National Association of State Chief Information Officers (NASCIO) and consulting firm Deloitte & Touche LLP released Tuesday revealed that cybersecurity is the foremost priority for state IT officers, who are highly concerned about increasing efforts, especially by sophisticated crooks, to breach their systems. “These sophisticated threats have grown significantly,” said Doug Robinson, NASCIO’s executive director. “There’s a never-ending parade of bad guys who are attempting to penetrate the network.” For citizens, the stakes in averting breaches are high. State data systems contain personal information about millions of people that is valuable to identity thieves. They house birth and death certificates, and driver’s license numbers. The systems also house Social Security numbers of state income taxpayers and the credit card numbers of people who make payments to state agencies.
The report, in which top IT security officers from 48 states were surveyed, predicted the most prevalent threats to their systems were those targeted at state employees by crooks looking for a way in.
Some fraudsters go “phishing,” using emails to guide unwitting state employees to fake websites designed to get personal information, such as passwords. Others go “pharming,” redirecting internet users from a legitimate website that’s been tampered with to a fake one that looks real.
And while most elected and appointed state officials overestimate how well threats will be handled by their IT security officials, the report found, only about a quarter of the security officials responsible for dealing with the threats are very or extremely confident that adequate measures are in place to protect the data. “As these cybercriminals get more sophisticated, that means the defense mechanisms I’m relying upon may not be able to keep up,” said Victor Chakravarty, Maine’s chief information security officer.
Full Article: State Computers Increasingly Under Attack by Cybercriminals.