More than two dozen information technology personnel from across the state were in Bryan this week for two days of training with the TEEX Cyber Readiness Center, designed to help them prepare and respond to a cyber attack.
The 27 men and women — who work with city and county governments, hospitals, 911 dispatch centers and other organizations — tapped away on laptops at the Brazos County Expo in Bryan on Wednesday afternoon, while two instructors from the Texas A&M Engineering Extension Services Cyber Readiness Center discussed the best ways to deflect data breaches and ransomware attacks. This 16-hour training was free for participants thanks to a 2019 continuing training grant from the Federal Emergency Management Agency allotted to TEEX and other higher education groups.
According to instructor and TEEX program manager Andrew “AJ” Jarrett, this week’s two-day class at the Expo is the first of its kind to be held in Brazos County.
“This is about recovering from major cyber events in general,” Jarrett said. “We look at case studies; for example, what happened in Atlanta [in 2018] with ransomware, and how they are recovering from that ... how to reduce costs, get things back up faster and respond when that type of thing happens.”
Sometimes a cyber attack is conducted by an organized criminal system in a country without extradition, Jarrett said. An attack even can be ordered by a foreign government agency.
“There’s a whole gambit about the person in their parents’ basement doing this, and that’s a bit of misnomer,” he said. “[Cyber attacks] are typically more nation-state sponsored attacks, with people trying to gain a military goal.”
The goal of attacks is often to steal information and sell it online, or to hold the information for ransom. Ransomware attacks are common, Jarrett explained, but other methods include the disruption of a city’s power, water supply and utility billing system. But, he noted, city governments can stand stronger against these threats by helping each other and learning from other cities’ mistakes.
“Part of what we are trying to foster here is for communities to come together for something we call cyber mutual aid,” Jarrett said.
City of Bryan IT project manager Ian Soares was in attendance Wednesday. He said he has been involved in TEEX training before but felt this course was unique in its size and scope.
“[Cyber security] is constantly changing, and just because you’re knowledgeable and up-to-date today, that doesn’t mean you will be tomorrow,” Soares said.
Continuing education is the only way to increase safety, Soares added, and to be aware of connections between entities. It doesn’t do any good if one department is IT-strong and others aren’t, he said. Attackers will look for vulnerabilities.
“Nobody is too small or too big ” he said. “We all need to be aware. A lot of times the way that interactions occur is that an attacker might find vendor who works with the city.”
Those in attendance Wednesday also included staff from the city of College Station, Bryan ISD, College Station ISD, and Brazos County.
“Seeing things from others’ perspectives, hearing challenges others face and how they address them — that helps,” Soares said. “We are constantly trying to improve, and seminars like this assist in that.”