Risk Of Russian Cyber Attacks Is Now Much Higher, State Of NJ Warns

NEW JERSEY — This Thursday, New Jersey state government raised the state's risk level of cyber attacks to "elevated," saying the increase of cyber attacks from Russia is now considered higher than normal.

That's because there is an increased risk of Russia conducting malicious cyber activity against the United States as a response to sanctions imposed by President Joe Biden and the U.S. government.

This comes the same week it was revealed that New Jersey state government networks are hit by more than 10 million cyber hacking attempts every day.

This was revealed by Michael Geraghty, director of the Cybersecurity and Communication Integration Cell, who testified at a March 21 state Senate hearing on cybersecurity in New Jersey.

The cybersecurity cell, created under the Christie administration, is a government agency that monitors cyber risks in New Jersey. Geraghty is the supervisor.

"So on a daily basis, state government networks are attacked over 10 million times," Geraghty said at the Senate hearing in Trenton. "So 80 million attacks in a given week against state government networks."

"On a weekly basis — and we’re talking about Russia/Ukraine for the last, you know, few months — we receive about 500,000 attacks, just from Russia, on a weekly basis," he continued. "China, Iran, other geopolitical hotspots, the same thing. So it’s not necessarily that Russia is attacking us; it’s just that infrastructure being used, and the Russian Federation is being used to attack New Jersey — New Jersey State government networks. We detect, and we block them."

What hackers are particularly keen to find is the email addresses of state government workers, and their passwords. Since 2020, Geraghty said his agency has detected more than 23,000 compromised email logins of government workers.

"So, for instance, a compromised credential would be my state government e-mail address, that I use to log into a system, and that password," he explained. "And that password just happens to be in plain text available for anybody on the dark web to use. Oftentimes they are used to gain access, because logging into a system with somebody’s credentials is a lot easier than hacking into a system through some vulnerability or some other technical exploit that people are doing."

He said his team "scours the dark web" for this and, since May of 2020, "when we started this service, we’ve notified these organizations of more than 23,000 compromised credentials that are being used."

You can read Geraghty's entire March 21 Senate testimony here: https://www.njleg.state.nj.us/...

Hackers don't seek to only disrupt state servers and networks, he warned. All networks are at risk.

"And that’s just our networks and applications; that’s not even all the individual users that get phishing, and spam, and all sorts of other attacks that we have," he said. "Those attacks, in a lot of cases, are indiscriminate. They’re not necessarily targeted at state government."

At this time, Geraghty said his agency is not aware of any specific or imminent cyber threats to New Jersey.

However:

"Evolving intelligence indicates that the Russian government is exploring options for potential cyberattacks," warned the cell in this March 31 press release. "The cyber threat level in New Jersey is currently set to ELEVATED, which indicates a significant risk due to increased hacking, virus or other malicious activity that compromises systems or diminishes service ... The potential for significant damage or disruption is high."

Get great local news about YOUR town and state. Sign up for Patch emails: https://patch.com/subscribe Contact this Patch reporter: Carly.baldwin@patch.com