Sony is the latest example of a big organization getting hacked, including (possibly) by a nation-state like North Korea.
But everybody gets attacked now, and nearly every day. Including the state government of Kansas.
The “threats,” as John Byers calls them, sometimes include “socially engineered Trojans, phishing attacks, advanced persistent threats, network-traveling worms, just to name a few.”
And foreign intelligence services, he said. And organized crime.
Byers is the chief information security officer for the Kansas Department of Administration’s Office of Information Technology Systems. In an e-mail, he explained that he did not want to go into detail about the threats and what the state must do to counter them and keep information safe online. But he acknowledged the state faces nearly constant threats.
“Because of the information the state works with we see continuous threats from nation states (foreign intelligence services), terrorists, industrial spies and organized crime groups, hacktivists, and hackers,” he wrote.
“For reasons that should be quite obvious we cannot name the various groups, nations, which we see daily.”
Were the state not vigilant, this could become a serious issue for Kansas taxpayers, he said.
“The State has various types of very sensitive information given the nature of the services we provide to the residents of Kansas,” he wrote.
The state, he said, maintains health-related information, federal taxpayer information and other personal information that is highly sensitive.
These threats come “numerous times a day,” he wrote.
“The trend has been increasing for both public and private organizations over the last decade. This can easily be substantiated by multiple studies and research conducted routinely by numerous security organizations.”
How does the state handle these threats? Byers did not want to say much about that. It does seek help and advice at times from the Department of Homeland Security, the Multi-State Information Sharing Center and other organizations.
“Like most organizations, we face challenges as a state to protect information,” he wrote. “As such the State uses various methods to respond.
“As one might gather, the methods and resources used are privileged and confidential.”