As the Defense Department continues to forge closer relations with Silicon Valley, its leaders say they need more tools to improve automation of cyber basics, the department’s chief information officer (CIO) said. “At a certain point, I want to have some cyber defenses completely automated, where certain conditions occur and the system takes its own response,” said CIO Terry Halvorsen. “I think that is the only way we will keep up.” Automation would free up military and civilian cyber staff to concentrate on higher-level work.
Turning the tables on cyber marauders may be alluring as the ultimate cyber defense, but it is not without risk, according to panelists at the AFCEA/INSA Intelligence and National Security Summit being held in Washington, D.C., September 9-10. Commercial cybersecurity measures could reach beyond defense to offensive measures against cyber intruders to a limited degree, but companies must ensure they break no laws—nor rile their cyber adversaries too much.
Ransomware soared as the preferred malware of cybercriminals, with the number of new samples rising 58 percent over the second quarter of this year, and a whopping 127 percent over this time last year, according to a new analysis by Intel Security.
The firm released a retrospective report five years after acquiring McAfee. Its researchers compared what they thought would happen beginning in 2010 to what actually happened with hardware and software security threats, noting the boom in the number of devices connected to the Internet and a general lack of cyberhygiene contributed to the increase of malware intrusions and ransomware attacks.
It is important for Congress to pass meaningful legislation to improve cybersecurity information sharing and provide sufficient liability protection for entities that share sensitive information with the government, along with ensuring appropriate privacy protections. Yet, much more needs to be done quickly to address cybersecurity preparedness and resilience in the United States and around the world.
An unending quest for convenience and expedience has brought about a technology that connects billions of devices to people and to things and produces vast amounts of information. Wireless links now are permeating virtually every electronic device in society, but they bring with them the vulnerabilities and threats that characterize cyberspace today.
Joshua Corman calls it the bacon principle: the notion that no matter the food, bacon makes everything better. Manufacturers of medical devices, automobiles and home electronics seem to adhere to the same theory when it comes to the use of wireless capabilities.
As if cyber breaches of key federal networks haven’t been problematic enough for experts, hackers increasingly target smaller branch offices that present a weak link in cybersecurity. Wireless connectivity at remote locations leaves networks vulnerable because they are not hardened with the latest firewall protections and traditionally do not have a lot of tech support, one expert says.
“Small branch offices are becoming a greater point of attack,” says Paul Christman, executive director of federal sales for Dell Software. “We don’t need to storm the castle anymore to gain access to valuable information or access into the networks.”
While serving as the first luncheon keynote speaker at AFCEA’s Defensive Cyber Operations Symposium, Lt. Gen. Ronnie D. Hawkins Jr., USAF, outgoing director of the Defense Information Systems Agency (DISA), compared cyber and traditional weapons. “We have really, really been modernizing our weapon systems. When you juxtapose that, however, with what we’ve been doing in cyber, we are just now catching on to recognizing that cyber truly is a weapon system,” he said at the June 16-18 event held in Baltimore. “Truly, we are modernizing our weapon system when it comes to cyber right now.”
A conflict erupting on the Korean Peninsula could lead to any of a number of developments and outcomes, and its effects—including cyber operations—might not be limited to the Koreas and the U.N. forces involved there. By modeling a hypothetical conflict with North Korea, planners can examine different scenarios and validate assumptions to imagine a potential cyber situation on the peninsula that could have far-reaching implications that otherwise could go unrecognized.
The password is vanishing. The cumbersome, multicharacter, hard-to-remember bane of Internet usage finally is dying. As biometric and behavioral monitoring technologies evolve, solutions that embrace revolutionary new identity verification systems based on users’ behaviors at the keyboards promise to replace the expiring relic. And not a moment too soon.
An emerging identity verification system known as the “cognitive fingerprint” leverages existing technologies that can recognize patterns of computer users and creates a “behavioral fingerprint” to enable more secure authentication methods. The evolution in identity management undoubtedly will prove disruptive to the current authentication and user verification processes.
Be careful now, remain calm. The title can excite everyone, and having a conversation on cyber active defense over a few beers can turn fascinating in a heartbleed—I mean heartbeat.
This is a topic that covers computer network defense (cybersecurity/cyberdefense) by looking at the legal aspects of, yes, going farther than “passive defense” and into active defense. Various legal issues arise in each area, and I can offer two active defense case-histories to share and their legal ramifications. One includes the Computer Fraud and Abuse Act, CFAA, against the “active-defense” perpetrator.
Alejandro Mayorkas, deputy secretary of homeland security, and Sarah R. Saldaña, director, U.S. Immigration and Customs Enforcement (ICE), on Thursday presided over the unveiling of an expanded ICE Cyber Crimes Center in Fairfax, Virginia.
The center, known as C3, will provide ICE’s Homeland Security Investigations (HSI) with enhanced operational and training capabilities to meet the growing cyber mission of the agency and increasing workload of criminal cases with a cyber nexus.
U.S. lawmakers launched a bipartisan bid to boost the Department of Homeland Security's powers to better oversee cybersecurity compliance by federal agencies and intervene when they might fail to safeguard their networks.
The Senate bill would strengthen the department's ability to enforce cybersecurity standards governmentwide, and “in the event that a federal agency chooses not to do so, [the] DHS would have the authority to stand in … and prevent worse damages from occurring,” Sen. Susan Collins (R-ME) said in announcing her plans to submit the bill to the full Senate on Tuesday.
I did it. We always hear it. And we all say it. People, humans, my employees, layer 8, the carbon layer—are the weakest link in cybersecurity.
Then I ran into a colleague speaking on cybersecurity/information assurance education at the FS-ISAC & BITS Annual Summit in Miami. And as we talked, and as she highlighted in her presentation, computer users are not the weakest link, as that conclusion is supported by an erroneous assumption.
Everyone who believes that what was dubbed “The Great Technical Glitch of July 8” was incontrovertibly a mere coincidence and not a coordinated cyber attack, raise your hands. Before you shake your head and stop reading, consider this: The institutions those IT mishaps shut down represent the economy (New York Stock Exchange), transportation (United Airlines) and communications or freedom of speech (The Wall Street Journal). Not to go all X Files on you or propose conspiracies around every corner, but dismissing the possibility that it was more than mere chance isn’t so far-fetched.
We all have seen the news of the massive theft of information from the Office of Personnel Management (OPM). In a nutshell, with extremely high probability, just about anyone who does work for the government—or from one estimate, more than 21 million people, which includes yours truly—had very personal information stolen.
Hackers behind cybersecurity attacks on the U.S. federal government through the Office of Personnel Management (OPM) pilfered personal information from a much more significant number of current and former employees than previously reported.
Thursday, investigators reported two breaches occurred, with data stolen from 21.5 million workers, far more than the 4 million officials originally disclosed in June.
Hackers managed to breach the computer systems of the OPM, stealing data including Social Security numbers, birth dates, home addresses, job assignments, performance reviews, insurance details and training certificates.
A more diverse group of players is generating a growing threat toward all elements of the critical infrastructure through cyberspace. New capabilities have stocked the arsenals of cybermarauders, who now are displaying a greater variety of motives and desired effects as they target governments, power plants, financial services and other vulnerable sites.
But concerns come from not just evolving and future threats. Malware already in place throughout critical infrastructure elements around the world might be the vanguard of massive and physically destructive cyber attacks launched on the say-so of a single leader of a nation-state. Physical damage already has been wrought upon advanced Western industrial targets.
Cyberspace is being accepted throughout the U.S. Army as a warfighting domain. However, many soldiers outside of the U.S. Army Signal Corps do not grasp the concept of cyberspace as an operational realm. Empowering them with that understanding is essential to operational success.
One of the primary tasks of Signal Corps members is to provide other leaders and soldiers with a clear understanding of the job of the corps and of cyberspace itself. As a military organization, the clearest means for the Signal Corps to communicate these concepts is through operational language. Many parallels exist between a battlefield’s physical landscape and what is done during offensive, defensive and support operations in cyberspace.
The recent hack, reportedly by Chinese sources, of the personnel files belonging to current and past U.S. government employees puts a face on the cyberthreat affecting everyone today—about 4 million faces, if Office of Personnel Management assessments are correct. Yet this hack is just one example of the looming cyberthreat, and while it offers valuable lessons to be learned, it should not serve as the exclusive template for securing networks and data.
The word disruptive typically does not conjure up cordial thoughts. In a forum such as this, thoughts might zero in on commercial endeavors—Facebook, Google, iThings—that can bring chaos into our everyday lives. That is quite the opposite of when industry and cyber professionals think about confronting adversaries. We want to cage opponents’ capabilities, actions and intentions and bring order to the chaos adversaries create.