Nitin Sukhija

When the coronavirus pandemic forced many organizations and governments to up their virtual game, online threats also became more prominent.

Nitin Sukhija, director of the Center for Cybersecurity and Advanced Computing at Slippery Rock University, said creation of malicious computer viruses, or malware, increased during the pandemic. This put more security risks online, where more people have been spending more time.

“What has been happening in the past two years when everything went virtual is things are exposed more than ever,” said Sukhija, who also is associate professor of computer science at SRU.

“Everyone is connecting from home, and the problem is we have seen an increase in ransomware in the past three years,” he said.

From the top down

Among the organizations that needed to update their cybersecurity measures are local governments and municipalities. Many townships and boroughs in Butler County have websites, and some even allow people to pay bills online.

Sukhija said municipalities have had to implement online safety measures to keep the information of residents safe. He said security and policies on cybersecurity come from the top down, from website hosts to their users.

“They are holding a lot of information about residents,” Sukhija said. “One breach in cybersecurity can basically affect a whole area.”

Butler Township has an information technology consultant on staff. Additionally, township manager Tom Knights said the commissioners allot part of the budget to computer security each year, and contracts with Maher Duessel to provide cybersecurity.

“It's unfortunate, but you have to anticipate an amount of budget for cybersecurity,” Knights said. “When you are a municipality, you have those databases, and you have got to safeguard those.”

Knights said the township has software in place to protect users of its website.

Adams Township manager Gary Peaco said the township does not accept online bill payments. However, it still has protective measures in place for the township website.

“We have had it for quite a while, but we upgraded last year,” Peaco said of digital security in the township. “There are security issues with taking payments online, and we haven't figured out the best way to do that right now.”

Brett Harper, technology director of Slippery Rock Area School District, said with every student in the district now having their own laptop, good cybersecurity is paramount to keep their information safe. He said the district has separate cybersecurity measures for the computers in schools, and those students take home with them.

“Cybersecurity is like an onion, you have many layers that provide protection,” he said. “It has been a huge undertaking getting the technology and security set up for the students' Chromebooks.”

Harper also said many school districts have been shifting to using Google as a software provider, meaning many of the applications they are using are managed by the company.

Online data

Sukhija said many organizations use software or protection that is proportional to the online services they provide. So, websites that accept online payments normally have more security. Businesses and banks can host a lot of information online, so proper security is paramount to keeping it safe.

Mars Bank, for example, warns people to never give out personal information via the phone, email or texts. The bank also offers cybersecurity training for customers.

Cranberry Township accepts bill payments online, and Chad Julkowski, the township's director of IT, said user security is of top concern.

“This is something that is on our minds every day,” he said. “We are continuously making improvements to keep our network and data secure to the highest level.”

Many websites also now have user accounts that require users to register with a password. These measures also improve cybersecurity on an individual level, but Sukhija said they are a constant target for hackers.

Harper said the same.

“Ransomware is so scary now, or losing access to data,” Harper said. “Those are the things that keep IT people up at night.”

Because of the increasing collective time spent online, Sukhija said individuals maintaining good online habits such as using good passwords is an important way to improve online security.

“A person can try to guess your passwords,” Sukhija said. “What they do is they have these bots, which are constantly trying to get data, and they can even do that by calling your phone.

“The only thing you can do is try to do best practices. Have strong passwords, multi-factor authentication, those help.”