NewsLocal News


Are our toll systems vulnerable to hackers?

Also: The new cybersecurity mandate government contractors need to comply with by 2025
Posted at 7:46 AM, Jun 11, 2021
and last updated 2021-06-11 10:14:19-04

LEE COUNTY, Fla. — A Florida-based cybersecurity expert with decades of experience believes the recent attacks we've seen which have impacted fuel supply, the food chain, and more, are all tests.

"My opinion is these are tests by the bad actors in the world that are trying to figure out how to cripple the overall infrastructure of the United States," said Paul Karch, Managing Partner of Solaiya.

He referred to what happened just hours after the Colonial Pipeline attack when we saw states, like Florida, lining up at gas stations, panic buying, and depleting the fuel supply.

It's the same chain reaction when consumers hear about an attack to the food supply. Karch describes attacks like these as ones that put consumers on notice. He also said there are other areas of our infrastructure that are vulnerable.

"I think what you will see is that the infrastructure of the United States is something that needs to be worked on. Think about roads, for example, as far as infrastructure is concerned," said Karch.

"The cyber attack potential on the toll system, the cyber attack potential on the rail system, I mean these are all areas we have to be careful of I think that's, you're starting to see it raise up because people are starting to realize they can put us on notice, so we need to be very, very diligent in making certain that we are not only defensive but in some cases offensive against the threats," he added.

With the Federal Bureau of Investigation's latest update, which showed the number of attacks we're dealing with is unprecedented, Karch said more companies are coming to him for cybersecurity support.

Solaiya is also working closely with those who have government contracts.

There are tens-of-thousands of them. He said the Department of Defense has put a new mandate in place to make sure each is strengthening its security, since it only takes one weak link to let a dangerous hacker in.

"There are you know 30,000, 40,000, 50,000, 100,000 companies that sell something to the government. Right now, there's a mandate within the Department of Defense, that if you sell services, equipment, if you connect to any of the Department of Defense infrastructure at all, there's something called the Cybersecurity Maturity Model, CMMC. That cybersecurity maturity model is a certification that the entities that do business with department of defense have to achieve by 2025," he explained.