Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- Government Perspectives on Mobility and the Cloud
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Mitigating Insider Threats in Virtual & Cloud Environments
- Modern Mission Critical Series
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Reimagining the Next Generation of Government
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
Information Technology News
As cyber attackers get more sophisticated, so must agencies' protections
Friday - 7/18/2014, 2:29pm EDT
Federal News Radio
Cyber criminals are stepping up their game with no signs of stopping. This includes launching more sophisticated attacks, yet on the opposite end, skewing simple in hacking tactics too.
Agency and private-sector information security experts examined cyber prevention tactics during the recent Federal News Radio panel discussion, Targeting Advanced Threats.
Bob Bigman, former chief information security officer at the CIA, said hacking is much more sophisticated than previously thought. One trend he's noticed as of late is that there has been a dramatic increase in highly targeted attacks, especially against large financial institutions.
"They're doing incredibly successful cyber intelligence collection, very successful cyber intelligence analysis of how the organization's network is configured, knowing exactly what versions of what antivirus software they're running and then crafting very specific APT [advanced persistent threats] against a specific individual, branch or part of that organization."
Cyber criminals are adjusting so quickly and becoming so skilled that it's become "an arms race," said Darren Van Booven, chief information security officer and assistant chief administrative officer for the House of Representatives.
"As you come out with new and more advanced technologies to defend your networks, the adversaries are going to develop new and more sophisticated techniques to target you, as well as the malware that they're developing in order to collect your data. So, being in 2014, I think we've gone through the initial stages...and we're definitely at a more advanced state."
New, old tactics being used by hackers
With multilevel targeting, hackers also are doing something new: they're calling people on their home phones numbers, researching everything about a potential victim, and then actually dialing them up, Van Booven said.
However, even as the cyber landscape changes, some aspects stay the same.
Ben Rubin, director of cyber and information security operations at CGI, said simple attacks still happen and can be just as dangerous to agencies.
"When you have all the sophistication you have to weigh the balance of impacting business operations as well. And convenience is built into a lot of these systems for a reason - to enable people that aren't necessarily computer savvy to get their jobs done easily," Rubin said. "So a lot of the more simple attacks might be as effective, especially when you encounter agencies that have tightened the screws from a more technical perspective."
That's why more basic email phishing attacks, even, can be potentially harmful, he added.
Coordinated action to stop attacks
Lance Dubsky, chief information security officer at the National Geospatial- Intelligence Agency, spoke about how his agency is dealing with threat intelligence in particular. In this emerging area, he said, coordination is key to reducing risk.
Daily, he communicates with peers across the government and in private industry. "We ingest a vast amount of threat intelligence but we also use a variety of tools to better understand what we're seeing," Dubsky said. "I think partnership is the main thing. When agencies and industry communicate what they're seeing, and then you apply the right sets of people, process and technology, you can buy down the amount of risk you face."
On a fundamental level, the experts said during the panel, securing the network — or, in some cases, all networks — is critical. Tony Cole, vice president and global government chief technology officer of FireEye, added that agencies should make good use of the data feeds being collected, not just passively hold onto this information.
"There are a number of tools out there to minimize the time in the network," he said. "You can have all the data feeds around the globe but you need to actually be able to take meaningful action around the feeds you get today. That's very difficult to do."