Post Highlights
- Post provides an overview of recent GAO report on cybersecurity
- Report includes information on where threats are coming from
- Hear an interview with the GAO on the report on the DorobekINSIDER
In a GAO report released in February, Cyber Security: National Strategy, Roles, and Responsibilities Need to Be Better Defined and More Effectively Implemented, GAO provides an interesting look at cyber security at the federal level, identifying threats, sources of threats, and data reflecting the exponential growth in cyber attacks. GAO reports that the number of cyber security incidents reported by federal agencies to the U.S. Computer Emergency Readiness Team has increased 782 percent from 2006 to 2012 (from 5,503 in 2006, to 48,562 in 2012). The numbers are staggering to look at, and is evidence that as our nation becomes more dependant on technology, our risks, threats and challenges to stay secure increase.
Clearly, agencies need to be proactive in taking steps to remain secure and protect critical infrastructure. As agencies begin to deploy cloud computing initiatives, bring your own device programs, and the workforce becomes increasingly more mobile, it’s critical to realize that although these tools are essential to meeting growing public sector demands, they also may expose agencies to more risks. The report provides a lot of valuable information, one interesting table was Table 1: Sources of Adversarial Threats to Cybersecurity, which highlights the people, organizations, or systems conducting cyber attacks.
Cyber security attacks may come from hackers, organizations, criminal networks, or disgruntled employees. In the GAO report, GAO highlights the most commonly cited attackers. Due to increasingly reliance on technology, there are more kinds of attackers, running simple and sophisticated scripts, attempting to compromise information. The threat sources of increased cyber attacks are found below:
1. Bot-network Operators
GAO states, “Bot-network operators use a network, or bot-net, of compromised, remotely controlled systems to coordinate attacks and to distribute phishing schemes, spam, and malware attacks.” Bot-network operators often are using spam, malware or phishing schemes in an attempt to obtain financial gains.
2. Criminal Groups
According to the GAO criminal groups “seek to attack systems for monetary gain. Specifically, organized criminal groups use spam, phishing, and spyware/malware to commit identity theft, online fraud, and computer extortion.”
3. Hackers
GAO defines hackers as, “Hackers break into networks for the thrill of the challenge, bragging rights in the hacker community, revenge, stalking, monetary gain, and political activism, among other reasons.”
4. Insiders
Insiders for cybersecurity can include anything from disgruntled employees with access to confidential information, to contractors, and poorly trained employees who may take actions that risk information.
5. Nations
Cyber has increasingly been part of espionage activities by nations. Cyber attacks by nations can have a detrimental impact by disrupting communications, military activities, or other services that citizens take for granted on a day-to-day basis.
6. Phishers
Phishers are groups of people looking to steal identities or information, such as social security information, credit card numbers, all for monetary objectives. Spam, spyware and malware are commonly used to corrupt information.
7. Spammers
Spammers are individuals or organizations who distribute unsolicited, falsified e-mail attempting to spread spyware or malware, attack organizations, or sell products for monetary gain.
8. Spyware or malware authors
Spyware or malware authors or individuals or organizations who have an intent to create destructive viruses to shut down systems. Spyware or malware can corrupt files, hard drives, and severally disrupt systems.
9. Terrorists
GAO states, “Terrorists seek to destroy, incapacitate, or exploit critical infrastructures in order to threaten national security, cause mass casualties, weaken the economy, and damage public morale and confidence. Terrorists may use phishing schemes or spyware/malware in order to generate funds or gather sensitive information.”
As our society becomes increasingly reliant on technology and the Internet, government agencies need to take the proper steps to secure critical infrastructure against cyber attacks. Also, an extensive effort needs to be made to help train the current workforce on how to stay protected, and understand risks. Although cyber threats will always exist, for government it is essential to take as many steps as possible to stay secure.