Sensing that the recent spate of cyberattacks that paralyzed some state services and have overwhelmed municipalities may only continue to get worse, the Massachusetts Legislature's new Joint Committee on Advanced Information Technology, the Internet and Cybersecurity met for the first time Wednesday to begin plotting better defenses.
Among the possibilities up for discussion during the committee's informational hearing are a statewide cybersecurity strategy, a baseline of "cyber standards" for the public and private sectors and regulating cryptocurrencies.
The committee is also expected to discuss the statewide cybersecurity consortium that former Sen. Vinny deMacedo is working to establish with the aid of $1.5 million in seed funding in the fiscal year 2022 budget.
"I think the public shares a great concern around cyber-vulnerability in the areas of health care, in the areas of water infrastructure and in the areas of grid infrastructure. In talking to our constituents, they all feel a sense of urgency around this area," House co-chair Rep. Linda Dean Campbell said.
She added, "This is an area where private and public partnerships are absolutely going to be critical to our goal of establishing any resiliency. And if we're very proactive -- which we need to be -- we really can encourage the development of an economic sector here in the commonwealth of Massachusetts. It certainly is a great opportunity which we must seize immediately, in my opinion."
This spring, a malware attack forced the state's auto inspection system offline for nearly three weeks and Massachusetts municipalities continue to be impacted by ransomware attacks. The FBI has said that Massachusetts residents lost around $100 million from reported cybercrimes in 2020.
"Unfortunately, success builds on success and I don't think this is going away anytime soon," Senate co-chair Sen. Barry Finegold said. "Criminals are going to keep doing this and that's why we have to find a new way to counteract these crimes online. We need to get smart and take proactive measures to ensure that online platforms are safe and secure."
The lineup of speakers scheduled for Wednesday afternoon's hearing included MassCyberCenter Director Stephanie Helm, Secretary of Technology Services and Security Curt Wood and officials from Google, Oracle, Microsoft and Comcast.