Both sides shift cyberwar tactics

Cybercriminals are becoming more sophisticated but so are the responses to cyberthreats

Cyberwar is changing, and network defense must adapt, two leading executives told a military audience at the Air Force Information Technology Conference at Auburn University’s Montgomery campus earlier this month.

“We are at a much more dangerous place today than we were four or five years ago,” said Steve Ballmer, Microsoft’s chief executive officer. The perpetrators of cyberattacks have shifted in recent years from amateur hackers seeking notoriety to organized criminal enterprises with financial or hostile goals, he said.

John Thompson, Symantec’s CEO, said today’s cybercriminal is interested in “perpetrating silent, highly targeted attacks to steal sensitive personal, financial and operational information.” That new criminal tactic marks a shift away from large-scale virus or worm attacks. The number of such attacks dropped from about 100 between 2002 and 2004 to only six last year, he said.

Responses to cyberattacks are evolving, too, Ballmer said. In the past, experts worked to close vulnerabilities in programs and shorten release times for upgrades and patches. Now they focus on building systems that intruders cannot penetrate, he said.

That new defense strategy requires abandoning the suit-of-armor approach, in which developers added layers of protection to keep information safe.

Those layers restricted data access, hampering real-time use and mission performance, Thompson said. Effective cyberdefense will depend on a combination of protecting the IT infrastructure, information and interactions among people using the information, he added.

Standardized data formats and a common software infrastructure are crucial to IT infrastructure protection, Thompson said. Organizations must be sure to transfer data to backup systems to be ready for natural or man-made disasters. “After all, servers and laptop [computers] can be replaced. The information on them most likely cannot,” he said.

Disgruntled or careless employees can do significant damage, so organizations must monitor transactions to instantly combat suspicious or dangerous activity, Thompson said. For example, comply-and-connect mechanisms can verify user identity, he said. The proliferation of wireless devices and telework requires increasingly sophisticated approaches to certification and authentication, he added.

The next cyberwar battle will be fought over unstructured data, including e-mail messages, instant messages, Microsoft PowerPoint and Word documents, and voice-over-IP conversations, which compose 80 percent to 90 percent of data accessible via the Internet, Thompson said.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from Shutterstock.com

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group