Software Development
Coronavirus

Remote work means a ‘field day’ for attackers. Companies formed the Maryland Cyber SWAT Team to respond

The Cybersecurity Association of Maryland banded companies together to create a hotline during the pandemic. Now it sees staying power beyond 2020.

Cyber Crucible seeks to automate network security processes. Photo by Flicker user Christiaan Colen

The pandemic’s shift to remote work brought new cyber threats for businesses, as the mix of business and personal life that’s at home presents new opportunities for attackers to break in. Companies that centered employees at an office would typically focus their protections of IP and personal info on the devices and networks within the office. But now it must extend to the home of each employee.

“What’s happened is your attack surface has grown exponentially,” said Gregg Smith, the chairman of the Cybersecurity Association of Maryland, Inc. (CAMI) and CEO of Columbia-based Attila Security. “Now you have tens of hundreds of thousands of employee working from home, many of which have to work on home computers or are working on a combination of home computers or tablets with an office or a work computer. … You’re typically connecting to Wi-Fi that might have a simple password or no password at all.

“It’s a field day for the attackers, quite frankly.”

With these new vulnerabilities, the state’s cluster of cybersecurity companies that service and spin out of federal installations sought to provide a resource that could provide help.

Smith spurred CAMI to set up the Cyber SWAT Team, which is a free hotline that provides incident assistance for businesses. It draws on the membership of CAMI — a statewide org that has grown from 50 to 580 members in recent years — to address incidents.

“We cover, with those companies, so many different services and products that just our state alone can do a phenomenal job of helping an affected company out very quickly,” Smith said.

The issues could range from a ransomware breach to an email spoofing attack. Smith didn’t offer an exact number of companies assisted, but said they’ve had “pretty good success.”

“The phone isn’t ringing off the hook, but we certainly are getting calls and helping people out,” he said.

When a call comes in, CAMI holds an intake call, and triages the need with the org’s senior leadership team to figure out who would be best positioned to help. Many of the companies are doing pro bono work initially, and CAMI can also make referrals to the authorities or other services, if needed.

“The good news is we’ve been able to provide help to just about everybody we’ve talked to,” Smith said.

The hotline was created as a response to the pandemic, but Smith sees CAMI offering it permanently going forward. As the fall arrived, the Maryland Department of Commerce awarded CAMI a $10,000 grant to help raise awareness.

“I think that this can provide a valuable service ongoing,” Smith said. “The next question really becomes, do we start to roll this out beyond just our state? Do we roll it out as a next step to the DMV, for example? Do we share this model with other cyber associations around the country?”

Before you go...

Please consider supporting Technical.ly to keep our independent journalism strong. Unlike most business-focused media outlets, we don’t have a paywall. Instead, we count on your personal and organizational support.

Our services Preferred partners The journalism fund
Engagement

Join our growing Slack community

Join 5,000 tech professionals and entrepreneurs in our community Slack today!

Trending

Every startup community wants ‘storytelling.’ Too few are doing anything about it.

Johns Hopkins’ Pava Center picks promising startups in AI, healthcare and music 

This Baltimore tech conference went beyond programming to provide a healing tribute

How one-click job listings overtook the process — and slowed down tech hiring

Technically Media