State

Maryland launches cybersecurity task force for extra protection during pandemic

A new task force in Maryland was created to bolster cyberdefenses of state government websites as the coronavirus pandemic continues.

By Benjamin Freed

April 7, 2020

Maryland Gov. Larry Hogan, Baltimore City Mayor Jack Young, and members of the Maryland Army National Guard’s 1st Battalion, 175th Infantry Regiment, assist with food distribution at the Greenmount Recreation Center in Baltimore, Maryland, on March 24, 2020. (Maryland National Guard)

From responding to ransomware attacks to protecting elections, National Guard units have played increasingly large roles in helping their respective states with their cybersecurity operations. Now in Maryland, that relationship is extending to the state’s response to the novel coronavirus pandemic, with the creation of a new task force made up of Guard members and officials from the state Department of Information Technology.

The new team, according to a Maryland National Guard press release, is responsible for monitoring state government websites — such as the portal for unemployment benefits — to make sure that the public can still access state services and public-health updates. There were 4,371 confirmed cases of COVID-19 and 103 fatalities statewide as of Tuesday afternoon, according to the Maryland Department of Public Health.

“It’s an incredibly fluid situation,” Air Force Lt. Col. Colin Ferguson, a Maryland National Guard cybersecurity officer, said in the press release. “We want to make sure the public is getting the most accurate information and that the governor doesn’t have to worry about nefarious activity [disrupting the flow of information to the public].”

Criminal and nation-backed hackers have been tailoring their phishing campaigns to prey on fears of the coronavirus since the early days of the crisis, according to multiple security researchers. The emptying out of government offices as employees are sent home to work remotely has only exacerbated the need for states to bolster their cyberdefenses, said Mike Wyatt, a principal in Deloitte’s risk and financial advisory group.

“You’ve taken a workforce that has policies and procedures in the office protecting data to the home,” Wyatt told StateScoop in a recent interview. “Some with government assets, some with home devices. You’ve increased the attack surface pretty significantly.”

And the FBI warned Monday about the growth of business email compromise schemes propagated by people targeting governments seeking to purchase desperately needed medical supplies.

The Maryland National Guard said the task force, which in addition to the IT department also includes members of the Maryland Defense Force, a unit of uniformed volunteers who support Guard activities, was set up after Gov. Larry Hogan declared a state of emergency on March 5.

“Our livelihood basically is to prepare for these types of events,” said Air Force Lt. Col. Janice Hernandez, the commander of Maryland’s cybersecurity joint task force.

Maryland officials said the new task force is also the first cybersecurity operation to be established by any state in response to the COVID-19 pandemic.

“We may be behind the scenes but our mission for this task force is so critical by allowing our websites to continue to inform citizens during this critical time,” Chip Stewart, the state’s chief information security officer, told StateScoop.