Rhode Island experts are calling for greater awareness about cybersecurity, following breaches to Providence Public Schools and Rhode Island’s state benefits portal.
“The attacks had been coming so much faster and more frequently in the past few years,” said Douglas Alexander, Director of Rhode Island College’s Institute for Cybersecurity & Emerging Technologies.
In September, Providence Public Schools shut down their internet networks for days, after detecting a cyberattack. Cybercrime group Medusa took responsibility for the hack and demanded a million-dollar ransom for student and employee data. The ransom went unpaid, and the personal information was leaked.
Then, in December, news broke that a cybercrime group called Brain Cipher hacked into RIBridges, Rhode Island’s state benefits portal. Though the breach is still being investigated, Governor McKee said that the attack could have exposed the data of an estimated 650,000 people.
“I can’t say I was surprised to see the cyberattacks,” said former U.S. Representative Jim Langevin. (The congressman has been a long-time advocate for cybersecurity. He is also the distinguished chair of the Cybersecurity Institute at Rhode Island College.) “They are of course unfortunate, but they’re so pervasive.”
Why are cyberattacks increasing?
Douglas Alexander said that cyberattacks to have become easier to carry out because of “credential stuffing.” Credential stuffing is the practice of taking known username and password combinations, and trying them on other accounts.
“Say, here’s someone’s account that got stolen from LinkedIn. I’m going to try it on Gmail. I’m going to try it on the bank,” said Alexander. “And they can do this at scale with hundreds of millions of accounts at a time and just see what hits.”
One study found that 24 billion username and password combinations are available on cybercriminal marketplaces.
Ransomware is a common form of cyberattack, said Alexander. Once hackers gain access to a system, they can lock users out of the system, essentially holding it hostage. Ransomwares attacks increased by 70 percent in 2023, according to the international crime data organization, INTERPOL.
Langevin partly attributed the increase in ransomware attacks to the rise of cryptocurrency. These online currencies allow cybercriminals to extract funds, without getting caught, he said.
“Bad guys can get paid in cryptocurrency, and then it’s virtually untraceable,” said Langevin.
What can individuals do to protect themselves?
Douglas Alexander recommended that everyone freeze their credit on Equifax, Experian, and TransUnion to protect their identities.
“What it does is it prevents any bad actor from pretending to be you and opening an account in your name,” said Alexander.
Langevin and Alexander also recommended keeping logins private, using multifactor authentication, and being aware of common scams, such as gift card scams.
“This isn’t just a concern for computer geeks anymore,” said Alexander. “It’s something everyone needs to think about and learn about.”
For more, watch our interview with Douglas Alexander and former congressman Jim Langevin on Rhode Island PBS Weekly:
