Big targets and bigger threats: the government’s cybersecurity
On May 11, 2017, President Trump signed an executive order aimed at improving the United States’ cybersecurity, furthering his promise to keep America safe, “even in cyberspace,” as homeland security adviser Tom Bossert put it. The government’s cybersecurity has to protect a lot more than cyberspace, however. This is one of the main reasons President Trump has made cybersecurity such a huge priority. The other reason? The onslaught of serious attacks aimed at everything the government’s cybersecurity is attempting to protect.
Department of Homeland Cybersecurity
The government’s cybersecurity endeavours are largely the responsibility of the Department of Homeland Security or DHS, though other agencies are involved in the cybersecurity effort and the DHS works in cooperation with law enforcement and other federal agencies as well as the private sector.
In his final year in office President Obama put forth a budget with $19 billion dedicated to federal cybersecurity, an increase of 35%. And while President Trump has made good on promises to cut government spending, he’s kept the dollars flowing to cybersecurity efforts. Thank goodness, because federal cybersecurity has a lot to accomplish.
With all the advantages of the internet it can be easy to occasionally forget that with this increased interconnectivity comes increased opportunities for fraud, theft, abuse and a variety of other crimes. You can bet the federal agencies tasked with dealing with cybercrime don’t forget, though. They’re busy.
Cybersecurity professionals work alongside law enforcement agencies and officers to investigate cyber crimes that range from the theft and fraud that can accompany data breaches and business email scams to truly shocking felonies like child exploitation, apprehending and prosecuting the criminals behind them. These cooperative high-impact investigations are a massive cybersecurity responsibility, and it’s just one that the DHS and other federal cybersecurity authorities are regularly dealing with.
Protecting federal networks
The entire federal enterprise relies hugely on computer networks and systems for its essential operations. As such, those systems and networks represent huge targets for everyone from individual hackers to politically-motivated hacktivist groups to other nation-states. Attacks launched at these networks are primarily designed to steal information, with other potential goals including disrupting or denying access to services, and affecting or destroying information systems.
To guard against these threats, the DHS has a network security deployment division that designs and deploys the national cybersecurity protection system, the frontline of defense when it comes to cyber threats. This system provides intrusion detection and prevention as well as advanced analytics and information sharing and includes the EINSTEIN early-warning system designed to provide near real-time malicious activity detection and mitigation.
The DHS also has a continuous diagnostics and mitigation program, and the National Cybersecurity and Communications Integration Center dedicated to sharing information among the public and private sectors to provide better threat and vulnerability awareness.
Protecting the computer systems, networks and data belonging to the United States government is obviously a top priority, but the systems that can be affected by a cyber attack go beyond information technology systems all the way to critical infrastructure.
Information technology has become more and more integrated with the operations of physical infrastructure which puts those operations at risk of cyber attacks that could disrupt services Americans rely on every day. The power grid, postal service, transportation services, telecommunications, financial services and more could all be seriously impacted by an attack. Any of the above falling victim to an attack would assuredly affect the economy, while an attack on something like the power grid could potentially present a risk to American lives. Thus, protecting critical infrastructure through stronger cybersecurity efforts has become one of the DHS’s top priorities.
Everything under siege
They say future wars will be fought in cyberspace, but what “they” don’t seem to realize is that battles are already playing out over the internet every day, hitting valuable government databases, taking down essential services and even striking critical infrastructure. As the world’s superpower, there is perhaps no bigger nation-state target than the United States.
As touched on above, the threats to the US government range from hackers and hacktivist groups to other nation-states. Russia, North Korea and China are a few of the nation-states allegedly behind attacks and attack attempts on the United States, often referred to as advanced persistent threats, with Russia reportedly behind attacks on the White House and State Department in addition to their alleged election meddling.
For all of the federal government’s cybersecurity effort, that effort often falls short. Even with the recent budgetary boosts cybersecurity-related agencies have been given, the US government ranks dead last among major industries when it comes to cybersecurity, bested by 16 other industries including non-profit and retail. This helps explain how hackers managed to steal a cyber weapon from the National Security Agency and use it in multiple global ransomware attacks (WannaCry and Petya), how millions of government employee files were allegedly stolen by the Chinese military, and how cyber criminals were able to make money using data stolen from the security and exchange commission. So far, better has not yet proved to be good enough.
The US government is hardly alone in occasionally limping with their cybersecurity efforts, of course. We are a connected world under siege and only a major increase in available cybersecurity workforce and a fundamental shift towards cooperative and collaborative cybersecurity efforts may begin to make a difference. Until then, the bigger the target, the bigger the threats, and the US will continue to be under attack.