Coordinated Attacks Call For More Sophisticated Cyber Defense - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Government // Cybersecurity
News
9/29/2014
02:30 PM
50%
50%

Coordinated Attacks Call For More Sophisticated Cyber Defense

Agencies and industry are rethinking how they defend against coordinated attacks by teams of specialized hackers.

5 Breakthrough DARPA Technologies Beyond GPS
5 Breakthrough DARPA Technologies Beyond GPS
(Click image for larger view and slideshow.)

Government and industry are facing a new breed of well-trained cyber attackers who are taking advantage of weaknesses in network defenses through coordinated attacks. To counter this threat, public and private-sector IT security experts contend that organizations must improve how they share information and react to intrusions.

Today's adversaries in cyberspace aren't the individual hackers and random criminals of the past, Jacob West, chief technology officer for Hewlett Packard's Enterprise Security Products business, explained at a recent conference in Washington D.C. These new actors are highly focused and work collaboratively -- something they did not do a decade ago, he said. Sophisticated cyber attackers now work in teams, with certain groups specializing in certain technical areas, such as software or malware writing. Each of these groups contributes its skills to the "kill chain" of a cyberattack. "We see this specialization resulting in a much higher caliber of effectiveness."

Federal agencies need to learn more about how cyber attackers work, Wes said, to counter them and learn better ways to collaborate internally. Organizations need to be better at sharing intelligence with one another and industry. Without this collaboration and cooperation, he said, the fight against cyber attackers is stacked in favor of the attackers.

[The Internet of Things brings with it a world of security questions. Read Internet Of Things Intrigues Intelligence Community.]

Richard Hale, the Defense Department's deputy CIO for cybersecurity, said one of the challenges faced by the government is that there is still a poor understanding of adversaries' goals. This is because most attacks tend to appear initially as data theft instead of intelligence gathering or espionage. He noted the DOD's particular challenge of getting its mission accomplished in the face of a capable adversary. One of the disadvantages faced by the military and government in general is that adversaries need only succeed at least half of the time, he said.

Defense Department deputy CIO for cybersecurity Richard Hale.
Defense Department deputy CIO for cybersecurity Richard Hale.

The Department of Homeland Security is the chief government agency responsible for coordinating cyber defense, mitigating attacks, and responding to them, said Phyllis Schneck, the DHS deputy under secretary for cybersecurity. She described these efforts as a "cleanup-in-aisle-nine" process managed through the DHS's National Cybersecurity and Communications Integration Center. Information sharing is critical to this process. The office plays a key role in this process, she said, and every part of the DHS has its own cyber component.

The DHS is helping defend federal infrastructure through programs such as Einstein, a continuous diagnostics and mitigation system that scans civilian government systems for signs of intrusion and data breaches, Schneck said. The government is at a very good place to share information openly with the private sector and academia on security issues. The DHS is also using big data tools to manage and observe networks, which allows for improved defense against zero day and botnet attacks. Collaboration is helping federal agencies work together and create a better picture of an attack through information sharing, she said.

Despite the progress made by the DHS on the federal side, industry needs to do more. A priority for 2015 is active collaboration between companies on security issues, according to West. In the past, he said, firms didn't share security information and viewed their network security as a competitive advantage. But with the recent pace of major data breaches, there has been a sea change in how firms view information sharing on this issue. The coming year, he predicted, will see more active collaboration such as sharing best practices and working more closely with the government.

Considering how prevalent third-party attacks are, we need to ask hard questions about how partners and suppliers are safeguarding systems and data. In the Partners' Role In Perimeter Security report, we'll discuss concrete strategies such as setting standards that third-party providers must meet to keep getting your business, conducting in-depth risk assessments -- and ensuring that your network has controls in place to protect data in case these defenses fail (free registration required).

Henry Kenyon is a contributing writer to InformationWeek Government. He has covered Government IT and Defense markets since 1999 for a variety of publications including Government Computer News, Federal Computer Week, AFCEA's Signal Magazine and AOL Government. View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
Top-Paying U.S. Cities for Data Scientists and Data Analysts
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/5/2019
Slideshows
10 Strategic Technology Trends for 2020
Jessica Davis, Senior Editor, Enterprise Apps,  11/1/2019
Commentary
Study Proposes 5 Primary Traits of Innovation Leaders
Joao-Pierre S. Ruth, Senior Writer,  11/8/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
Slideshows
Flash Poll