WATERVILLE — In March 2015, the Lincoln County Sheriff’s Office paid $350 ransom after a virus infected its server and encrypted its data, essentially holding its records system hostage until the sheriff’s office paid a price. The virus was downloaded by someone who clicked on the link in an email.

In September 2015, someone hacked the network of MaineGeneral Medical Center, compromising patient information such as birth dates and Social Security numbers.

Frank Appunn

Frank Appunn

Also in March 2015, a hacker broke into the central Internet portal to the Maine state government offices, disabling it for about three hours.

These breaches show the need for greater cybersecurity training and awareness, officials said at a forum Monday. It’s why a professor at Thomas College and a coordinator for the Maine Emergency Management Agency are hoping to hold webinars and distribute information to municipalities throughout Maine on the subject.

Frank Appunn, a professor of information technology management at Thomas College in Waterville, and Cameron Wellman, cybersecurity coordinator for the emergency agency, spoke at Thomas College on Monday afternoon along with Forrest Labbe, a graduate student and director of the college’s Security Center. About 20 people gathered in the Summit Room for the seminar.

The need for more focus on cybersecurity comes from an increase in threats from hackers who hold data for ransom, steal information or scam consumers. According to Appunn, 87 percent of people in the U.S. can be tracked via their cellphones, which often contain GPS trackers. These trackers can be turned off though — “make it harder” for them to find you, Appunn said.


Forrest Labbe

Forrest Labbe

Consumers in general also have to be aware of the growing “Internet of things,” he said. Networks can be attacked through items people might not view as computers, but if they’re connected to a WiFi network, they leave you vulnerable. “You’re not safe in Maine. You’re no safer than you would be in San Francisco,” he said.

Employee training can help raise awareness about scams and prevent exploitation.

Labbe said people should be taught to verify before they trust. For example, if an employee gets an email from what looks to be the IT department asking for his or her password, that person should call the department to verify that it’s them.


Comments are no longer available on this story