LANSING—Michigan cyber security experts told state lawmakers on Tuesday that Michigan is leading the effort to protect people and infrastructure from cyber-attacks.
The Senate Energy and Technology Committee heard testimony from Maj. Gen. Gregory J. Vadnais, Adjutant General of the Michigan National Guard; the state’s chief security officer; and representatives of the Michigan Public Service Commission and Michigan State Police.
“Cyber-attacks pose a real and ongoing threat to businesses, people and our state as a whole,” said committee chair Sen. Mike Nofs, R-Battle Creek. “I applaud Governor Snyder and the Legislature for recognizing the threat and working in a proactive, comprehensive and coordinated manner to ensure Michigan’s cybersecurity efforts are second to none.”
Testimony revealed that the majority of current cyber-attacks seek to uncover individuals’ personal and financial data which can then be sold to third parties. Attempted attacks on state systems have been varied and voluminous according to the state’s chief security officer Dan Lohrmann, who reported more than 2.5 million attempted attacks on state web browsers in 2013 alone. Attacks also routinely targeted energy and communications infrastructure.
“The level of attacks on utilities is extraordinary. While Michigan is being cyber-attacked on a daily basis, it is great that our state is leading the charge to protect our residents and our economy,” said Sen. John Proos, R-St. Joseph, committee vice-chair. “On an individual level, residents should know that if they use the Internet or a smart phone, they are at risk from cyber criminals looking to steal their identity and cash. Half the battle is knowing about the threat and how you can protect yourself.”
Two key parts of the fight against cyber-attacks is the new Michigan Cyber Command Center, created out of Gov. Rick Snyder’s Michigan Cyber Initiative and the expansion of a 24/7 Michigan Security Operations Center that is expected to be completed in 2014.
An example of the risk to public infrastructure was illustrated by Trend Micro in 2012. The firm set up a fake water company as bait to check out the level of cyber-attacks. Within 18 hours they reported their first attack. After 28 days they had 30 attacks from 14 countries.
The panel was also told about “spearfishing,” a common tactic where scammers try to have people click on a link and then enter in sensitive information, such as a bank account number.
Gov. Snyder has co-chaired the National Governors Association (NGA) Resource Center for State Cybersecurity since 2012, examining the state policy role in ensuring cybersecurity for state-owned and state-based infrastructure. Snyder briefed Congress in September on the NGA’s efforts to protect citizens and the economy against cyber-attacks and released Act and Adjust: A Call to Action for Governors for Cybersecurity, a paper outlining strategic recommendations.
For more information about Michigan’s cybersecurity efforts, visit Michigan.gov/cybersecurity.
Residents may learn more about how to protect themselves by visiting the Michigan attorney general’s website at Michigan.gov/ag. Click on Consumer Protection.
Editor’s Note: Audio comments by Proos and Nofs will be available on the Senate Republican caucus website at www.misenategop.com. Click on “Podcasts.”