Cybersecurity trends in government organizations

Cybercriminals are always trying to find new ways to exploit existing security systems. The evolution of cyberattacks demands more profound cybersecurity practices from all parties involved. These can be private companies, individuals, or governmental organizations. The federal governments keep the most crucial national security data and thus come under the most attacks. These attackers are not just some average joes sitting in the basement trying to crack simple encryption systems. More than usually these are highly sophisticated adversaries from other government agencies, more than usually the best teams out there doing months of research and preparation for that one attack to penetrate all of the defenses and destroy or steal as much information as possible. Due to this, the perimeter hardening has been given a green light focusing on non-stop diagnostics, identity management, threat intelligence and protection of critical infrastructure. Unfortunately, even in the face of considerable money and resources being funneled into the defenses, the high-profile data breaches are still on the rise.

A lot of cases of private agencies being hacked has made the headlines. Ignorance is bliss and it shows in most of these cases. Hackers are usually trying to sabotage already existent networks of private companies to steal customer payment information. These may be your online stores, clothing brands, department stores, online casinos, and etc. In Great Britain, back in 2011, one IT expert decided to crack open an online casino and steal 400 billion chips, which his equal to 7.5 million pounds. The same has happened in New Zealand where the casino industry is fully monopolized by the government agencies and thus benefit from government level protection. This is why a lot of New Zealanders, or “Kiwis”, tend to be using cryptocurrencies to hide their transactions and then play on off-shore online casino websites like some based in the UK for example. Although, the prohibition works against the Kiwis, not the institutions. Basically, a lot of casinos in New Zealand still operate their Kiwi live casino games but they advertise to foreign players instead of New Zealanders. Although, NZ casinos have come under extensive scrutiny as well with data breaches plaguing the industry. Anyhow, in the end, all of these attackers have been caught and arrested.

One of the recent and most notorious cases of government organizations being breached is the US Office of Personnel Management (OPM), which oversees the legal side of how federal employees are hired, promoted, and regulates pensions of not only active but already retired employees. In 2015, the cybersecurity teams noticed that there was a strange SSL connection from an unknown source. After looking into it the team concluded that the data was flowing from their servers to a website called opmsecurity.org, which was not owned by the agency. The name was created to deceive anyone looking into the matter. The investigation has led to a file named mcutil.dll, which is a name utilized by the security software giant McAfee, however, what was even more shocking is that the agency does not use the services of the said cybersecurity tech giant. It turned out that this file was concealing a malware designed to give access to the hackers to their internal systems.

While this particular breach has been quite damaging, the OPM is getting almost 10 million digital intrusions per month. Mostly these are port scans or phishing attacks that are common everywhere. Due to this, a lot of the agencies have reinforced and upgraded their security.

Identity Defense

Identity theft has become a new plague of cyberspace. This is one of the biggest threats to the day-to-day lives of not just companies but individuals. Hackers utilize social networks, different age-old breaches, and plain old social engineering to gather as much information as it is possible about individuals. In some cases, this information is enough to trick a company or an institution into thinking that the hacker is actually the person who registered with them. This is why the two-way verification system where you get a message on your phone number is not as secure as a verification application installed. Sometimes, malicious users can just call up the phone provider and just speak to the operator the way the actual person would provide different detailed information thus requesting a “replacement” sim card to be sent out. A lot of people answer the security questions very truthfully. A rule of thumb is to have a random response to these questions. What is your mother’s maiden name? A robot dreaming about electric sheep. This way the hacker cannot physically come up with this information anywhere else.

Many of these attacks are successful due to the impersonation of the government official. This is countered by the training of staff to make sure that they are aware of all of the trickery a malicious user may use against them.

Infrastructure Cyberdefense

One of the largest targets lately of coordinated attacks on infrastructure has been the United States power grid. In September, the institution announced that as many as 20 power grid utilities have been compromised due to the cybersecurity breach which happened earlier in 2019. This means that hackers could effectively destroy critical infrastructure causing millions in damages and probably even human life casualties.

In 2015, Russian hackers allegedly attacked the Ukrainian utilities and shut down power for a 250 thousand citizens.

Cybersecurity Framework

The institution leading the federal government’s cybersecurity push is the National Institute of Standards and Technology, or NIST. This institution has been working with the government of the United States of America since Barack Obama’s executive order in 2013 and is focusing on building resilient and reliable critical infrastructure for the IT departments on the federal level. The main achievement is the development of the Cybersecurity Framework, which integrates industry standards and best practices into the federal government’s risk management methods.

Machine Security

Whenever the cybersecurity issues are being shed light on in the media this particular aspect is often overlooked due to more technical nature of the problem. To put it simply, just like us, humans, use credentials like name, birthdate, ID number, etc. to identify each other the machines use keys and certificates to state their identity on the network. Much like identity theft in humans, machines can also pretend to be others.

The current trend shows that the priorities have shifted to conceal machine identities and create a more universal system where the user identity will not be easily replicated.

Conclusion

Federal initiative is always a necessity to lead a considerable push against the malicious attackers. This is due to a higher budget as well as nature of the job, which governmental agencies are dealing with like national security. The feds are always on top of the most valuable information, therefore, it is of utmost importance to stay up to date with the recent developments in the cybersecurity fields and not only follow them but be a major player leading the race as it will ultimately decide the wellbeing of the nation’s citizens as a whole.


Like it? Share it with your friends!