Cybersecurity

Hackers adapting to government adversaries

Cyber Attack 

A new threat report from Cisco found that hacker are increasingly able to mask their presence and take advantage of security vulnerabilities inherent in two popular technologies -- the cloud and internet-of-things devices -- to gain network access.

The report highlights how malicious actors are using increasingly sophisticated methods to hide and obscure the presence and intent of their actions from government cyber watchdogs.

Some forms of malware are being designed to evade modern security practices that isolate malicious code. Attackers also rely on cloud services like Dropbox and Google Docs to hide in the "noise" of legitimate network traffic.

"Clearly the malware is getting more and more creative," said Dan Kent, chief technology officer for Cisco federal and director of engineering.

As another example, the report points to the 2017 WannaCry attacks, which security researchers have attributed to The Lazarus Group and which Western governments, including the Trump administration, have said were conducted at the behest of North Korea. Though hundreds of thousands of computers were affected, only about 300 people actually paid the ransom, and the attacks yielded surprisingly small earnings, around $143,000.  Cisco researchers believe that the "ransomware" aspect of the attacks may have been "merely a smokescreen" to hide the real objective: wiping data.

Dedicated denial of service attacks powered by hijacked IoT devices represent a real and growing threat, particularly reflection and amplification vectors that can exponentially increase the amount of traffic that botnets can direct. Kent said federal agencies tend to have better security procedures around their devices to prevent them from being hijacked, but their public facing websites are vulnerable to DDOS attacks. Additionally, the federal government plays a significant incident response and coordination role for the private sector and state and local governments, where the weaknesses are more pronounced.

"What we've seen is without any type of perimeter anymore and clearly with some of these IoT devices … you don't have the level of security" said Kent. "A lot of these devices get put on the network without IT even knowing until after the fact."

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at djohnson@fcw.com, or follow him on Twitter @derekdoestech.

Click here for previous articles by Johnson.


Featured

  • FCW PERSPECTIVES
    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

  • FCW Illustration.  Original Images: Shutterstock, Airbnb

    Should federal contracting be more like Airbnb?

    Steve Kelman believes a lighter touch and a bit more trust could transform today's compliance culture.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.