cyberthreats

January 31, 2019
By Kimberly Underwood
Director of National Intelligence Dan Coats, pictured at a recent White House briefing, is calling for the intelligence community to "do things differently,” given the severe threats and complex adversarial environment the United States is facing.  Photo courtesy of ODNI

A new strategy for U.S. intelligence looks to improve integration of counterintelligence and security efforts, increasingly address cyber threats, and have clear guidance of civil liberties, privacy and transparency. As outlined in the U.S. National Intelligence Strategy (NIS), from Director of National Intelligence (DNI) Dan Coats, the intelligence community is facing a turbulent and complex strategic environment, and as such, the community “must do things differently.”

September 24, 2018
Posted by Kimberly Underwood
A recent report from the U.S. Government Accountability Office (GAO) finds federal government actions related to cybersecurity lagging, posing a threat to the nation’s critical infrastructure and federal agencies. Photo credit: Shutterstock/Mark Van Scyoc

The U.S. government has not established a comprehensive cybersecurity strategy, nor has it performed effective oversight of cybersecurity as called for by federal law and policy, the U.S. Government Accountability Office (GAO) concluded in a stark report on the state of the nation’s cybersecurity.

Because of the cybersecurity policy lag and related action, federal agencies and U.S. critical infrastructure—including energy, transportation systems, communications and financial services—are vulnerable. And these cybersecurity risks are increasing as security threats evolve and become more sophisticated, GAO, the government’s watchdog agency, reported.

August 30, 2018
Posted by Kimberly Underwood
Michael Moss, deputy director of the Cyber Threat Intelligence Integration Center (CTIIC), Office of the Director of National Intelligence (ODNI), told Congress that CTIIC remains concerned by the "increasingly damaging effects of cyber operations and the apparent acceptance by adversaries of collateral damage." Credit: Shutterstock/EVorona

As billions more Internet of Things (IoT)-related devices come online, the barrage of cyber threats will not only continue but will target users in new ways. Moreover, the number of adversaries mounting attacks against the United States in cyberspace will continue to grow in the next year, as nation-states, terrorist groups, criminal organizations and others persist in the development of cyber warfare capabilities, Michael Moss, deputy director, Cyber Threat Intelligence Integration Center (CTIIC) warned during recent Congressional testimony.

July 11, 2018
By John Kupcinski
Cyber threat intelligence may be helpful in countering government fraud, waste and abuse. Credit: Shutterstock

Fraud, waste, and abuse (FWA) remains a major challenge to the federal government. From 2012 to 2016, the 73 federal inspectors general (IGs), who are on the frontline of fighting FWA, identified $173 billion in potential savings and reported $88 billion in investigative recoveries and 36,000 successful prosecutions and civil actions.

February 20, 2018
By Kimberly Underwood
Government mobile devices are still vulnerable to cyber attacks, a recent report says. Photo credit: Shutterstock/Georgejmclittle

Mobile devices used by federal employees continue to be susceptible to malicious cyber attacks. Email accounts, stored documents, microphones and cameras on the devices still present avenues of entry for bad actors.

Complicating the matter are conflicting governmental compliance policies, misconceptions of security measures and naivety about the exact risks, a recent survey concluded. Many agencies are still ill equipped to handle these incidents. Moreover, even if policies are in place, employees do not always follow them, and intrusions still happen, according to the report, "Policies and Misconceptions: How Government Agencies are Handling Mobile Security in the Age of Breaches," prepared by San Francisco-based Lookout Inc.

April 21, 2017
 

Adversaries, and cyber criminal organizations in particular, are building tools and using techniques that are becoming so difficult to detect organizations are having a hard time knowing that intrusions are taking place. Passive techniques of watching for signs of intrusion are less and less effective. Environments are complicated, and no technology can find 100 percent of malicious activity, so humans have to “go on the hunt.”

July 1, 2016
By Dan Velez

Researchers in government and industry are combining advanced analytics with traditional detective work to quash dangerous cyberthreats from within. Instead of focusing on a silver-bullet solution to stop the insider threat, they are adopting an approach that consolidates information from multiple events to provide greater advanced warning of problems.

July 1, 2015
By Lt. Gen. Robert M. Shea, USMC (Ret.)

The recent hack, reportedly by Chinese sources, of the personnel files belonging to current and past U.S. government employees puts a face on the cyberthreat affecting everyone today—about 4 million faces, if Office of Personnel Management assessments are correct. Yet this hack is just one example of the looming cyberthreat, and while it offers valuable lessons to be learned, it should not serve as the exclusive template for securing networks and data.

December 2, 2014
By Chris LaPoint

Coming soon to a network near you: consolidation and reinvention.

Two years ago, the U.S. Defense Department developed the Joint Information Environment (JIE) framework. Since then, key stakeholders and drivers of the JIE have been working to realign, restructure and modernize the department’s information technology networks to increase collaboration among departments while reducing the cyberthreat landscape. The JIE vision is an integrated and interoperable joint enterprise environment that can be leveraged across all department missions—an extremely important development as Defense Department dependence on the network has never been higher and cyberthreats are rising.

March 12, 2012
By Beverly Schaeffer

Perhaps it began with Y2K, this realization that the unseen operational grid could come crashing down by the mere numerical click from one century to the next-but the threats to operational functionality in all areas of human-machine interface are very real. A cyber exercise conducted again this year will incorporate some changes to simulate new challenges.

October 6, 2010
By H. Mosher

This month, Linton Wells II drew his inspiration for Mission Assurance Moves to the Fore in Cyberspace from Deputy Secretary of Defense William J. Lynn III's recently published article, Defending a New Domain: The Pentagon's Cyberstrategy. Wells summarizes Lynn's strategy points, noting that taken on a whole they have a broader implication than just cyberdefense. It has more to do with mission assurance, he says:

August 27, 2010
By Beverly Schaeffer

Recognizing a threat is the first step to addressing it, and one way to do that is to track incongruities rather than just monitoring the status quo. In this issue of SIGNAL Magazine, Chris Sanders highlights an intrusion detection architecture that does just that. His article, "The Exception Becomes the Rule," focuses on how this system enables a rapid, flexible response to cyberthreats.