With an ongoing surge of cyber-attacks during the COVID-19 pandemic, the Wolf administration is reminding Pennsylvanians about the need to protect their information online.
“Online criminals will try to exploit any situation to steal the personal information and defraud consumers, and this pandemic is no different,” said Secretary of Administration Michael Newsome. “As the pandemic continues, the need to be vigilant in our online activities is greater than ever.”
The FBI recently reported that the number of complaints about cyber-attacks had reached 4,000 per day, a 400% increase compared to before the pandemic. The international police agency INTERPOL also reports an alarming rate of cyberattacks globally. In addition to consumers, businesses and government agencies are also being targeted.
“Phishing is by far the most common tactic used by cyber criminals,” noted Erik Avakian, chief information security officer for the commonwealth. “The easiest way for bad actors to commit their crimes is by tricking people into handing over their information or opening links to malicious software.”
Phishing is when someone represents themselves as a trusted source so that a victim will provide personal information, open attachments, or click on links. Phishing frequently occurs through email, it can also occur through phone calls, websites, social media, text messages, and other forms of communication.
The Protecting Yourself Online guide, available on PA.gov, provides information to help prevent identity theft and other cybercrimes, as well as resources and advice on what to do if you become a victim.
You can help to secure your personal information by: installing firewalls, anti-virus, and anti-spyware programs and keeping them up to date; using strong passwords that include upper- and lower-case letters, numbers and special characters; not opening email or related attachments from untrusted sources; avoiding public Wi-Fi hot spots, such as those offered by retailers and at other locations, whenever possible; educating yourself about popular online scams, such as ransomware and phishing, and how to recognize them.
The Office of Administration (OA) oversees cybersecurity for state agencies under the governor’s jurisdiction. Over the years, Pennsylvania has emerged as a leader among states in cybersecurity through innovation and best practices. The National Association of State Chief Information Officers (NASCIO) recently named one of Pennsylvania’s cybersecurity initiatives a finalist in their national awards competition. By correlating large volumes of disparate data from multiple sources to develop key security risk indicators, Pennsylvania has been able to increase the effectiveness of its security awareness training for employees and contractors and tighten procedures around the management of user accounts.
As part of the Governor’s Customer Service Transformation initiative, OA is implementing Keystone Login, which will allow users to log into online services from multiple state agencies with the same account credential, improving both security and customer service. OA also provides shared cybersecurity services to counties, cities, and school districts, including security awareness training and anti-phishing exercises for employees. The office also works closely with counties and the Department of State on election cybersecurity.
Wolf has proclaimed October as “Cybersecurity Awareness Month” to encourage all Pennsylvanians to take proactive steps to protect themselves online.