Not too long ago cyber hackers would focus exclusively on large corporations, but that’s not the case any longer.

A growing number of smaller New Jersey businesses are reporting their online networks have been broken into and compromised.

“We’ve come to understand cybersecurity at the state level is not just about state government, it’s not just about local government, it’s also about industry and critical infrastructure,’ said Dave Weinstein, the director of
cybersecurity for the state Office of Homeland Security and Preparedness.

He pointed out that typically those involved with cyber security breaches these days are not high school nerds and goofballs.

“We’re seeing more sophisticated hardened criminals target small to medium sized businesses just as much as they are targeting large corporations,” he said. “Small organizations, local governments contrary to popular belief, are not immune from the more sophisticated threats.”

Experts say this is increasingly becoming a problem because more and more businesses are accumulating electronic data.

“It’s data that can be either sold on the black market for a profit or used to establish or construct online identities," Weinstein said.

Another problem is hackers who work for rogue nations.

“They’re looking for knowledge, intellectual property that can shorten the [research and development] cycle as it relates to in-demand technologies,” he said.

He explained for this reason, the New Jersey Cybersecurity and Communications Integration Cell, known as NJ- CCIC, has been created.

“It’s the state’s one-stop shop for cybersecurity information sharing for threat analysis as well as incident response,” he said.

Cyber security experts are now focused on a holistic approach, looking at the cyber threat landscape in New Jersey as a whole, and “recognizing the threats that we face are not unique to one industry vertical or one state agency, it’s really a problem faced by our citizens and businesses at all levels.”

He says the best way to combat this threat is partnerships and information sharing on the local state and federal level.

“We’re promoting cyber-threat awareness across the state, because at the end of the day the users and organizations have to take responsibility for their own cybersecurity. We’re focused on equipping them with the information, and the tools,” he said.

Weinstein said there is a lot of ambiguity across all levels of government in terms of who to call if you suffer a cyber incident, or who to turn to for information to protect your organization, so the NJ CCIC serves as the place to go for this information.

“It consolidates our best and brightest engineers and analysts under one roof, and it’s co-located with other security and emergency management functions in the state,” he said.

He added the primary benefit of NJ-CCIC is “we now have an institutional vehicle for bridging the information divide that exists between the government and industry when it comes to cyber threat intelligence.”

He explained most of the state’s critical infrastructure is owned and operated by private sector entities, so the private sector has some of the most valuable insights into threats that are impacting the Garden State.

“In order for NJ-CCIC to connect those dots and make sense of all the malicious traffic that traverses our state, it’s important that industry has a vehicle to share that information with in a manner that protects their proprietary interests, their confidentiality and the privacy of their employees and customers, so we’ve baked all of those values and processes into the NJ-CCIC,” he said

For more information, visit the state's website for information on trending security ideas and protocols and the Jersey cyber alert level of the day.

Contact reporter David Matthau at