Cybersecurity

Study names countries most vulnerable to cyberattacks

Shutterstock image: cyber defense.

The United States is ranked 10th in a pool of 44 countries most vulnerable to a cyberattack, according to a study by University of Maryland and Virginia Tech. But a former Justice Department official said U.S. companies need to be prepared to recover quickly from a significant attack.

Luke Dembosky, former deputy assistant attorney general for national security at Justice, has experience dealing with cyberattacks that come from foreign entities. His resume includes helping with the aftermath of the Sony hack by North Korea and the massive Office of Personnel Management hack, which is largely believed to have originated in China.

One of his concerns now is the impact a breach could have on other, less-discussed sectors -- such as the financial sector, which he said is "vital to society."

"Systems and businesses need to be thinking about how to bounce back," he told FCW. "They need to assume a significant attack will happen. They need to game it out, drill for it, prepare for it [with] the best possible defenses but not stop there. They need to have contingency plans, backups and a plan that ultimately allows them to bounce back to their feet."

V.S. Subrahmanian, a professor at the University of Maryland and co-author of the study, said the U.S. needs better threat intelligence. "We need to understand early on what kinds of attacks are coming down our pipe," he told FCW. "We spend a lot of time looking at attacks after they happen."

The study says that South Korea, India, Saudi Arabia, China, Malaysia and Russia face the greatest risk of cyberattack.

Last year, President Barack Obama and China’s President Xi Jinping met in Washington to discuss and attempt to resolve cybersecurity problems, and Jinping agreed to new cybersecurity frameworks that prohibit China from hacking into private U.S. companies for profit.

"Reaching a norm on that issue with China is really groundbreaking," Dembosky said. "I understand it remains to be seen how it's going to play out, but it's an excellent first step."

Subrahmanian said that when the U.S. is able to identify hackers, the government can take legal action, but "in many cases…we are left unable to do much [because the hackers] are protected by a foreign state."

About the Author

Aisha Chowdhry is a former staff writer for FCW.


Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.