Cybersecurity

Hackers adapting to government adversaries

Cyber Attack 

A new threat report from Cisco found that hacker are increasingly able to mask their presence and take advantage of security vulnerabilities inherent in two popular technologies -- the cloud and internet-of-things devices -- to gain network access.

The report highlights how malicious actors are using increasingly sophisticated methods to hide and obscure the presence and intent of their actions from government cyber watchdogs.

Some forms of malware are being designed to evade modern security practices that isolate malicious code. Attackers also rely on cloud services like Dropbox and Google Docs to hide in the "noise" of legitimate network traffic.

"Clearly the malware is getting more and more creative," said Dan Kent, chief technology officer for Cisco federal and director of engineering.

As another example, the report points to the 2017 WannaCry attacks, which security researchers have attributed to The Lazarus Group and which Western governments, including the Trump administration, have said were conducted at the behest of North Korea. Though hundreds of thousands of computers were affected, only about 300 people actually paid the ransom, and the attacks yielded surprisingly small earnings, around $143,000.  Cisco researchers believe that the "ransomware" aspect of the attacks may have been "merely a smokescreen" to hide the real objective: wiping data.

Dedicated denial of service attacks powered by hijacked IoT devices represent a real and growing threat, particularly reflection and amplification vectors that can exponentially increase the amount of traffic that botnets can direct. Kent said federal agencies tend to have better security procedures around their devices to prevent them from being hijacked, but their public facing websites are vulnerable to DDOS attacks. Additionally, the federal government plays a significant incident response and coordination role for the private sector and state and local governments, where the weaknesses are more pronounced.

"What we've seen is without any type of perimeter anymore and clearly with some of these IoT devices … you don't have the level of security" said Kent. "A lot of these devices get put on the network without IT even knowing until after the fact."

About the Author

Derek B. Johnson is a former senior staff writer at FCW.

Featured

  • People
    Federal 100 logo

    Announcing the 2021 Federal 100 Award winners

    Meet the women and men being honored for their exceptional contributions to federal IT.

  • Comment
    Diverse Workforce (Image: Shutterstock)

    Who cares if you wear a hoodie or a suit? It’s the mission that matters most

    Responding to Steve Kelman's recent blog post, Alan Thomas shares the inside story on 18F's evolution.

Stay Connected