SOUTHWICK – Just a few days after the state’s Secretary of Technology Services and Security Curt Wood alerted municipalities of a high-risk threat to a common email system, the Southwick Select Board unanimously accepted a cybersecurity grant.
The grant, awarded by the Massachusetts Executive Office of Technology Services and Security, was also awarded to the Southwick-Tolland-Granville Regional School District.
“It’s the same grant the schools received,” said Select Board Chairman Douglas Moglin.
The grant aims to train employees on recognizing potential security breaches, including phishing emails. Phishing is a method of gathering personal information using deceptive emails. It can also prevent a ransomware cyberattack, which is when data is stolen and held for ransom.
“Another component of the grant is to have an outside firm resurvey our technology infrastructure and make suggestions for continued improvement. There have been increased security threats globally, including actors targeting local governments and other institutions,” Moglin said.
According to State House News, Wood warned of the threat at the same time as federal officials urged businesses and governments to protect themselves against what the White House said is “a significant vulnerability that could have far-reaching impacts.”
The email system, a Microsoft Exchange server, had been infiltrated by state-sponsored hackers from China. They were able to steal emails, address books and other information.
Southwick Chief Administrative Officer Karl Stinehart said the town does use the Microsoft Exchange but has had no breach.
“Our IT person has not detected issues in that regard for breaches,” said Stinehart. “The other thing to remember is we have received two grants under the Community Compact program for improved efforts to secure the IT operations, hardware and software programs. One was completed and another is ramping up with a different state vendor.”
Stinehart said the grant that was accepted Monday “is to undertake training for upwards of 130+ staff to provide heightened awareness of cybercrimes and techniques to help avoid problems. There is not a value to the grant as the state has a contract directly with the vendor providing the service over the next coming calendar year.”
The training could prevent future security issues by teaching staff to recognize potential threats.
State House News reports that Wood’s message stated “You should take immediate and appropriate action to protect your environment,” Wood wrote, directing local leaders to a bulletin published by the Multi-State Information Sharing and Analysis Center and an emergency directive from the U.S. Cybersecurity and Infrastructure Security Agency.
Microsoft’s Threat Intelligence Center said the group behind the hack is HAFNIUM, a state-sponsored cyber unit that the company said “primarily targets entities in the United States across a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs,” according to a State House News story by Chris Lisinski.
Gov. Charlie Baker pushed information technology and cybersecurity closer to the forefront of state government in recent years by creating the Cabinet-level Executive Office of Technology Services and Security in 2017 and pushing for the creation of the MassCyberCenter in 2018 to bolster the state’s cybersecurity readiness and to promote the cybersecurity economy.
Last fall, as hospitals were shoring up their cyberdefenses to protect themselves against a wave of ransomware attacks on health care facilities, Baker highlighted ransomware attacks — in which hackers gain access to important information and hold it ransom from the rightful owners — as “a persistent threat to municipalities.” The MassCyberCenter works with communities to provide assistance in developing or reviewing cyber incident response plans.
Cybercrime is also a threat to individuals and other agencies. STGRSD Director of Finance and Operations last week said that “there have been really horrific stories from school districts that have fallen victim to ransomware.”
In 2019, Wood told lawmakers that the state’s computer network is “probed” more than half a billion times each and every day by entities outside the United States looking for a weak spot in the state’s cyber protections that could allow bad actors to infiltrate the state’s information technology infrastructure.
“Every day, we have attacks. Just to give you a frame of reference, we have implemented new technology in the state where we are kind of able to analyze everything that comes into the state network and I will say as of today on a daily basis we receive about 525 million probes a day from foreign soil,” Wood said in September 2019. “They’re pinging our network, they’re scanning our commonwealth network trying to find a vulnerability.”