Cybersecurity

Study names countries most vulnerable to cyberattacks

Shutterstock image: cyber defense.

The United States is ranked 10th in a pool of 44 countries most vulnerable to a cyberattack, according to a study by University of Maryland and Virginia Tech. But a former Justice Department official said U.S. companies need to be prepared to recover quickly from a significant attack.

Luke Dembosky, former deputy assistant attorney general for national security at Justice, has experience dealing with cyberattacks that come from foreign entities. His resume includes helping with the aftermath of the Sony hack by North Korea and the massive Office of Personnel Management hack, which is largely believed to have originated in China.

One of his concerns now is the impact a breach could have on other, less-discussed sectors -- such as the financial sector, which he said is "vital to society."

"Systems and businesses need to be thinking about how to bounce back," he told FCW. "They need to assume a significant attack will happen. They need to game it out, drill for it, prepare for it [with] the best possible defenses but not stop there. They need to have contingency plans, backups and a plan that ultimately allows them to bounce back to their feet."

V.S. Subrahmanian, a professor at the University of Maryland and co-author of the study, said the U.S. needs better threat intelligence. "We need to understand early on what kinds of attacks are coming down our pipe," he told FCW. "We spend a lot of time looking at attacks after they happen."

The study says that South Korea, India, Saudi Arabia, China, Malaysia and Russia face the greatest risk of cyberattack.

Last year, President Barack Obama and China’s President Xi Jinping met in Washington to discuss and attempt to resolve cybersecurity problems, and Jinping agreed to new cybersecurity frameworks that prohibit China from hacking into private U.S. companies for profit.

"Reaching a norm on that issue with China is really groundbreaking," Dembosky said. "I understand it remains to be seen how it's going to play out, but it's an excellent first step."

Subrahmanian said that when the U.S. is able to identify hackers, the government can take legal action, but "in many cases…we are left unable to do much [because the hackers] are protected by a foreign state."

About the Author

Aisha Chowdhry is a former staff writer for FCW.


Featured

  • IT Modernization
    Eisenhower Executive Office Building (Image: Wikimedia Commons)

    OMB's user guide to the MGT Act

    The Office of Management and Budget is working on a rules-of-the-road document to cover how agencies can seek and use funds under the MGT Act.

  • global network (Pushish Images/Shutterstock.com)

    As others see us -- a few surprises

    A recent dinner with civil servants from Asia delivered some interesting insights, Steve Kelman writes.

  • FCW Perspectives
    cloud (Singkham/Shutterstock.com)

    A smarter approach to cloud

    Advances in cloud technology are shifting the focus toward choosing the right tool for the job and crafting solutions that truly modernize systems.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.