Most States Receive Failing Grade for Management of Foster Youth’s Federal Benefits A report gives most states an F grade for failing to preserve the federal benefits of foster youth. The Children’s Advocacy Institute at the University of San Diego School of Law...
Russia’s invasion of Ukraine has made cybersecurity a priority; according to Government Technology, cyber experts are warning that U.S. organizations could be targeted by Russian cyberattacks or impacted by the spillover of malware unleashed in Ukraine. The entire world seems to be bracing for not only how the conflict unfolds on the other side of the globe, but also how things unfold behind the keyboards. Cybersecurity remains a top concern for the federal government and recently, even more so for state and local government agencies in this age of conflict—with a pandemic sidekick.
On December 4, 2021, the Maryland Department of Health was the target of a ransomware attack. According to Gov. Lawrence Hogan and top Maryland DPH officials, the attack on the agency’s computer system sought a ransom payment from the state. They did not pay, as other states have in the past. The Maryland Department of Health and its 24 local government partners struggled for weeks during an outage that left some patients in the state unable to access medications. State officials were unable to issue death certificates and COVID numbers were being tracked by hand, according to Maryland Matters.
Washington state reported a breach at the Washington State Department of Licensing that affected approximately 650,000 individuals in January. The hackers stole the personal data of professional and occupational licensees that included social security numbers, forcing the department to take down the system to investigate the breach. The Washington Policy Center reported on March 6 that the Washington State Department of Licensing restored its website and now offers free credit reporting to those affected. The attack took Washington’s system down for two months.
New Jersey saw an uptick of 12% in attacks originating from Belarus and Russia just in the two weeks before March 3. Inconvenience to users is no longer a consideration for multifactor authentication, it is increasingly becoming required.
According to the HIPAA journal, 2021 also saw an increase in the severity of ransomware attacks. Ransomware gangs try to inflict as much disruption as possible to increase their chances of receiving the ransom. According to the article, “ransomware gangs are targeting cloud infrastructures and are exploiting known vulnerabilities in cloud applications, virtual machine software, and virtual machine orchestration software.”
The more we seem to expand on remote working, the more the vulnerabilities increase. Initial access to networks is gained through phishing attacks used to obtain credentials, such as Remote Desktop Protocols (RDP). These attack vectors have proven successful due to the increased attack surface due to remote working and schooling as a result of the pandemic.
The National Conference of State Legislatures (NCSL) issued a report showing at least 250 bills or resolutions introduced in 2021 by 45 states and Puerto Rico to deal with cybersecurity, with 35 states enacting bills. This represents quite an increase since the beginning of the pandemic.
Renae Gugler, Technical Analyst at GL Solutions, writes articles about issues that affect licensing agencies, helping government run, grow and adapt.
Subscribe to our newsletter to receive the latest regulatory news delivered to your inbox each week.
Join our mailing list to receive the latest news and solutions for regulatory agencies.