Cybersecurity

Study names countries most vulnerable to cyberattacks

Shutterstock image: cyber defense.

The United States is ranked 10th in a pool of 44 countries most vulnerable to a cyberattack, according to a study by University of Maryland and Virginia Tech. But a former Justice Department official said U.S. companies need to be prepared to recover quickly from a significant attack.

Luke Dembosky, former deputy assistant attorney general for national security at Justice, has experience dealing with cyberattacks that come from foreign entities. His resume includes helping with the aftermath of the Sony hack by North Korea and the massive Office of Personnel Management hack, which is largely believed to have originated in China.

One of his concerns now is the impact a breach could have on other, less-discussed sectors -- such as the financial sector, which he said is "vital to society."

"Systems and businesses need to be thinking about how to bounce back," he told FCW. "They need to assume a significant attack will happen. They need to game it out, drill for it, prepare for it [with] the best possible defenses but not stop there. They need to have contingency plans, backups and a plan that ultimately allows them to bounce back to their feet."

V.S. Subrahmanian, a professor at the University of Maryland and co-author of the study, said the U.S. needs better threat intelligence. "We need to understand early on what kinds of attacks are coming down our pipe," he told FCW. "We spend a lot of time looking at attacks after they happen."

The study says that South Korea, India, Saudi Arabia, China, Malaysia and Russia face the greatest risk of cyberattack.

Last year, President Barack Obama and China’s President Xi Jinping met in Washington to discuss and attempt to resolve cybersecurity problems, and Jinping agreed to new cybersecurity frameworks that prohibit China from hacking into private U.S. companies for profit.

"Reaching a norm on that issue with China is really groundbreaking," Dembosky said. "I understand it remains to be seen how it's going to play out, but it's an excellent first step."

Subrahmanian said that when the U.S. is able to identify hackers, the government can take legal action, but "in many cases…we are left unable to do much [because the hackers] are protected by a foreign state."

About the Author

Aisha Chowdhry is a former staff writer for FCW.


Featured

  • FCW Perspectives
    human machine interface

    Your agency isn’t ready for AI

    To truly take advantage, government must retool both its data and its infrastructure.

  • Cybersecurity
    secure network (bluebay/Shutterstock.com)

    Federal CISO floats potential for new supply chain regs

    The federal government's top IT security chief and canvassed industry for feedback on how to shape new rules of the road for federal acquisition and procurement.

  • People
    DHS Secretary Kirstjen Nielsen, shown here at her Nov. 8, 2017, confirmation hearing. DHS Photo by Jetta Disco

    DHS chief Nielsen resigns

    Kirstjen Nielsen, the first Homeland Security secretary with a background in cybersecurity, is being replaced on an acting basis by the Customs and Border Protection chief. Her last day is April 10.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.