Page 2 - CARAHSOFT_August/September
P. 2

THERE’S NO ONE-AND-DONE fix for cybersecurity. The environment evolves with ever-changing types of attacks and vulnerabilities, requiring government agencies to remain alert and proactive. But that can be challenging given the speed at which new technologies introduce risks and solutions alike.
Federal civilian agencies reported a combined 35,277 security incidents in 2017, up from 30,899 in 2016. One reason for the increase is the proliferation of new attack vectors. Take cryptocurrency mining and botnets, for instance.
Coinhive is designed to enable website owners to make money without using ads, and it is fast becoming a tool of choice for malware authors who hide it in Chrome extensions and hacked sites, according to the MIT Technology Review. Researchers say cryptocurrency- mining botnets could earn hackers $30,000 a month or even as much as $100 million a year. Crypto-mining malware affected 22 percent of organizations worldwide in May, up from 16 percent the month before.
Another emerging problem is fileless malware that can bypass antivirus protections. Last October, researchers discovered a new version of DNS Messenger that “masquerades as the Securities
and Exchange Commission and hosts malware on compromised government servers,” according to ZDNet. The attack sends an
email message that looks like it’s from an SEC system, but users who download an official-looking attachment kick off a series of infections.
How the government is responding
The need for cybersecurity techniques that can address these new — and growing — problems is not lost on government officials. Agencies that set the tone for cybersecurity governmentwide are updating defensive programs and proactively deploying innovative responses.
As cybersecurity challenges evolve, so do agencies’ efforts to find new ways to protect their systems
For example, the Department of Homeland Security’s Continuous Diagnostics and Mitigation program is moving into the third of its four phases. After determining what is on the network (Phase 1)
and who is on the network (Phase 2), agencies are now focusing
on what’s happening on the network. DHS has started making awards under CDM’s Dynamic and Evolving Federal Enterprise Network Defense set of task orders, which offer agencies increased procurement flexibility and enhanced support for cloud and mobile cybersecurity, among other improvements.
But IT managers know that despite their best efforts, the risk of a successful attack always looms. “Government agencies should be prepared to face new, self-propagating, network-based threats in 2018,” Cisco’s latest Annual Cybersecurity Report states.
Accordingly, every other year DHS runs the Cyber Storm drill
so participants can practice collaborating on the response to a simulated cyber incident. More than 1,000 people worldwide took part in the most recent drill in April, which aimed to strengthen “cybersecurity preparedness and response capabilities by exercising policies, processes and procedures for identifying and responding to a multi-sector cyberattack targeting critical infrastructure.”
In addition to governmentwide initiatives to bolster cybersecurity, agencies are taking matters into their own hands. The IRS issued
a request for information in June seeking industry examples of a platform based on artificial intelligence and machine learning that could identify and mitigate insider threats. Officials said the solution should automatically and continually learn to improve accuracy, identify previously unknown threats and support the use of near- real-time data sources.
Blockchain is another technology that many government
GCN Staff

   1   2   3   4   5