Tips for protecting your agency from cyber attacks

Tuesday - 1/24/2012, 12:04pm EST

Karen Evans, former administrator, Office of Electronic Government and Information Technology at OMB

Download mp3

Federal IT managers should be asking themselves some important questions in the wake of denial of service attacks on several government websites.

Last week's attacks by activist hacker group Anonymous shut down the Department of Justice, FBI and the U.S. Copyright Office websites in retaliation for the arrest of members of MegaUpload.com.

"It is a return of an old problem with a lot of new tools that the federal agencies need to be prepared with, especially when you go with a high visibility type of case like this," said Karen Evans, former administrator of the Office of Electronic Government and Information Technology at OMB.

Evans, who is with KE&T Partners, spoke to The Federal Drive with Tom Temin Tuesday about the challenges the recent hacker attacks present to federal IT managers.

Karen Evans, former administrator of the Office of Electronic Government and Information Technology at OMB (actgov.org photo)

Evans said in the wake of recent attacks agencies are likely looking at how to adopt a more in-depth approach to defending their websites.

One way for an agency to protect itself, she said, is by isolating the website on a network separate from everything else the agency does. By placing the website in the cloud on an external provider, for example, once the site goes down, that's the only thing affected by the hack.

On Monday, the group AntiSec targeted OnGuardOnline.gov to protest anti-piracy legislation before Congress. OnGuardOnline is a Federal Trade Commission-run website that is a partnership among 14 federal agencies.

"If SOPA/PIPA/ACTA passes we will wage a relentless war against the corporate internet, destroying dozens upon dozens of government and company websites," the hackers wrote on Pastebin.

Evans said it's probably a good idea for federal managers to consider whether mentions of their agencies in the news or in public policy debates could make their websites potential targets.

Evans has personal experience with that. In 1996, she worked at the Justice Department when former Attorney General Janet Reno's website was hacked.

"Every time our manager went out on a public speaking circuit and was talking about cybersecurity, we went on a heightened sense of alert ... because we knew that there would be more attacks based on the types of things he would say," she said. "So, you have to relate this to public policy the same way, because this group is very active."

Tools on hand

"With the way that tools are set up now, the same types of things that the hackers use, the agencies can use to see if their agencies or their policies or their keywords are being mentioned, so that they can shore up their services so that they can properly respond," Evans said.

One resource that an agency can turn to is its public affairs office, which is already monitoring mentions of the agency in the press and on social media platforms like Twitter and Facebook.

"They're always monitoring the news so that you can respond from a policy perspective," Evans said. "This way, you can expand it a little bit and the technical people can get that monitorization of the news feed and look at it from a cybersecurity perspective."

This type of continuous monitoring, especially as its being developed by Congress as part of the comprehensive cybersecurity bill, would help the agencies to better protect themselves from attacks, Evans said. "That one piece, if implemented properly across the board with all of the agencies, would really help in this area," Evans said.

The attack on OnGuardOnline and the other federal websites are nothing new, according to Evans, and are likely to continue.

"It's just happening faster and it's more visible and it's probably more of an embarrassment that the website goes down," she said. "One of the biggest things that you want to make sure that you do is that you don't have some basic things that are not done so that [hackers] can get further into your networks."

Earlier this month, Anonymous targeted the website of Stratfor, a company that provides geopolitical analysis. The hackers posted email addresses, credit card numbers and personal information of more than 800,000 people who subscribed to Stratfor's publications.

"That's a big vulnerability," Evans said. "You want to make sure [that information] does not get taken by nation states or anything else like that."

RELATED STORIES

Hackers claim new attack on government website

Lessons learned from Stratfor hack

Hacker group Anonymous claims responsibility for shuttering Justice.gov