The North Dakota IT Department says the number of unresolved cybersecurity incidents in the state has nearly doubled since state employees and public schools began working from home.
The reason the attacks are without resolution is because the state’s security team doesn’t have the bandwidth to deal with it.
In fact, the amount of nd.gov data, including K-12 information, that’s now for sale on the dark web has increased by over 2,087 percent in 2020. The type of information out there includes social security numbers, financial data, addresses…and the list goes on.
Chief Information Security Officer Kevin Ford says, “NDIT has no data that suggests that there is a current breach of North Dakota systems.”
He says, “There are billions of pieces of personal information on the Dark Web, a trend that will continue as hackers seek to exploit people and organizations for personal gain. This is why we all need to have better personal discipline around our cybersecurity habits.”
Ford explained in a statement that much of the data now on the dark web “is associated with services or applications not associated with the state where individuals may have used their state IDs (against policy) to register.”
“It’s a very real problem, and unfortunately once it’s there, it’s very difficult to have it removed, if not impossible to have it removed. Unfortunately, I think this is the new reality, and so we’re all just going to have to be hyper-vigilant about all these sort of strange things that seem to be happening around our personas on the internet,” Ford added.
ITD presented a couple of big projects to the Legislative Information Technology Committee Thursday to improve the current situation.
One of the biggest plans in the works is artificial intelligence anti-malware that can automatically thwart many hackers in the background, while cybersecurity experts focus on big picture issues.
In his statement to KX News, Ford emphasized, “there is a consistent barrage and onslaught of cybersecurity threats that we all face daily: from phishing attacks to vulnerabilities with weak passwords or outdated anti-malware protection. Our end users are an important part of our cybersecurity defense. That is why we want to urge all citizens to be vigilant when it comes to protecting themselves online.”
NDIT has some suggestions to keep your identity safe:
- Use strong passwords with 12+ characters and update them frequently – don’t use the same password for all accounts;
- Implement multi-factor authentication;
- Be aware of texts, calls or emails from unknown senders – this is called ‘phishing.’ If you weren’t expecting it or don’t know the sender, don’t click, respond or share personal information;
- Visit the Cybersecurity and Fraud page under Resources at NDResponse.gov for a wealth of cybersecurity threats and tips to help keep you and your family safe online.
- We encourage citizens to use tools like https://haveibeenpwned.com/ to see if their information may have been associate with any breaches.
- Follow these steps, be diligent, be NDSmart and Cyber Smart.