The State Cyber Challenge

Todd R. SearsEmergency Management Director

Agency of Transportation

todd.sears@vermont.gov

(m) 431-5769

a briefing for:

2019 EM Conference

Agenda

• The Language of Cyber• Attack Types• Who Gets Hit?• Critical Infrastructure & Cyber• What Should I Do? (Cyber Hygiene)• State Cyber Strategy

Dissecting a Cyber Attack

Get In.

Do Bad Things.

Get Out.

“Phishing”

“Cloud”

“Domain”

“Social Engineering”

“Firewall”

“Malware”

“Spearphishing”

Attack Types

Office of Personnel Management (OPM) Confidentiality Attack

• Advanced Persistent Threat (APT)• 4.2 million personnel files compromised• 5.6 million fingerprints

2013

States are at RiskOctober 2014Oregon Employment Department (Hack)• DB of job applications used by state

unemployment offices• 850K names, DOB, SSN exposed

October 2012South Carolina Department of Revenue (Hack)• 3.6 million SSNs• 387K credit and debit card numbers• Impacted all SC tax filers since 1998

March 2012Utah Medicaid (Hack)• 780K citizen records• 280K SSNs, addresses, DOB, diagnosis

codes, taxpayer ID #s• Cost to State: $3.4 Million

April 2011Texas Comptroller (Accidental Breach)• 3.5 Million records exposed, to incl:

• Teacher retirement data• SSN, driver’s license #s, DOBs

• Some records on public server a year before discovery

Attack Types

SCADAAn Integrity Attack

Supervisory Control &

Data Acquisition

Attack Types

Wannacry Ransomware An Accessibility Attack

• May 2017, Worldwide attack• MS Windows OS Target• 200K computers across 150 countries• Targets: UK NHS, Nissan Motors, FedEx• North Korea suspected

Who is Being Hit?

Health Care & Pub Health

Energy

Defense Industrial Base

Critical Manufacturing

Commercial Facilities

Nuclear

Government Facilities

IT

CommunicationTransportation

Food & Ag

Dams

Water & Waste Water

Chemical

Banking & Finance

Emergency Services

Critical Infrastructure & Cyber

SCADA

Data Breach & Loss

Digital Hygiene

1. Install OS/Software Updates

2. Run Anti-virus Software

3. Don’t Use Open WiFi Networks

4. Don’t Click Attachments

5. Use Multi-factor Authentication

6. Use Strong Passwords

7. Back-up Your Data

CYBER CAPABILITY

Improve Vermont’s digital security through increased knowledge, enhanced workforce development, and improved technology to reduce the risk of future cyber-attacks.

CYBER RESILIENCE

Increase Vermont’s ability to respond to and recover from cyber incidents. Decrease pot disruption, financial impact, intellectual property loss, and violation of privacy.

CYBER COMMUNICATION

Expand Vermont’s communication, coordination, and awareness between entities such as state and local government agencies, businesses, and citizens to improve understanding of risk.

CYBER EDUCATION

Build strong partnerships with local universities and colleges to enhance cyber education of Vermonters enabling the improvement of cyber capability, the expansion of cyber communications, and the increased cyber resilience.