Top Cybersecurity Expert Says RI Attack Could Not Be Worse
GoLocalProv News Team
Top Cybersecurity Expert Says RI Attack Could Not Be Worse
Fitzgerald said he did not know of an attack on a state that may have impacted a higher percentage of the population.
“It is potentially devastating,” he told GoLocal.
GET THE LATEST BREAKING NEWS HERE -- SIGN UP FOR GOLOCAL FREE DAILY EBLASTThe records accessed are likely to include social security numbers, addresses, dates of birth, bank account numbers, and more.
And the number of Rhode Islanders impacted are in the hundreds of thousands.
As Medicaid is one of the programs believed to be impacted, that program alone was comprised of more than 389,000 people in Fiscal Year 2023. SNAP benefits program has more than 140,000 users in Rhode Island and HealthSource RI has more than 30,000.
READ MORE ABOUT WHAT THE MCKEE ADMINISTRATION CLAIMS TOOK PLACE
Rhode Island’s Hack Will Become a Case Study
Due to the size and the amount of data potentially compromised, this event is likely to be a case history says Fitzgerald - and not in a positive way.
“I think this will become a case study in what works in responding to and in communicating with the public and what doesn't. And the big piece here is going to be a week too long? Is it not long enough? And if it is too long, how quickly is two days enough? Is three days enough? And what should we be communicating? Because again, to the point that you made, this is a huge percentage of the population, and they're the most vulnerable," said Fitzgerlad.
Most Vulnerable - Worst Time of Year
"It's the worst possible time for an event like this to happen,” said Fitzgerald.
“We want to make sure that we're protecting the most vulnerable without getting them overly scared. I mean, this is the holidays, this is Christmas, the Kwanzaa, Hanukkah, you name it. So this is probably the worst, and it's the end of the year,” he added.
When asked if the state should have moved faster to notify the public, Fitzgerald offered the following.
“Just because you find malicious code in your system, it may or may not be active, first off," he said. "Secondly, as we have seen, there has been a history of ransomware groups using [and] leaning into the fear that their system, that their victim systems have been taken over, as opposed to actually having taken over or controlled, the systems are stolen, the data.”
He said that once the system is penetrated, there is a lot of data that needs to be sifted through. According to Fitzgerald, victim notification is at the center of the issue.
“I think that states are going to need to come up with a better process and system to notify citizens who are victims faster," he said.
Potential of High-Level Breach
Fitzgerald raises the question of how the cyberattack accessed the data and whether it was encrypted.
“And so the question becomes, was this data encrypted or not? And that's interesting because if it was encrypted data, it would signal that the ransomware group was able to compromise an administrative-level account," said Fitzgerald.
"So that would be an IT user that is responsible for overseeing systems that have permissions to oversee systems," said Fitzgerald. "And therefore, the question would become, why and how did that happen? If the data wasn't encrypted and it was sitting in databases, then the question becomes, well, why wasn't this sensitive data encrypted?"
EDITOR'S NOTE: A previous version identified Medicare as the program impacted; it has been corrected to reflect it is Medicaid.