Coordinated Attacks Call For More Sophisticated Cyber Defense - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Government // Cybersecurity
02:30 PM

Coordinated Attacks Call For More Sophisticated Cyber Defense

Agencies and industry are rethinking how they defend against coordinated attacks by teams of specialized hackers.

5 Breakthrough DARPA Technologies Beyond GPS
5 Breakthrough DARPA Technologies Beyond GPS
(Click image for larger view and slideshow.)

Government and industry are facing a new breed of well-trained cyber attackers who are taking advantage of weaknesses in network defenses through coordinated attacks. To counter this threat, public and private-sector IT security experts contend that organizations must improve how they share information and react to intrusions.

Today's adversaries in cyberspace aren't the individual hackers and random criminals of the past, Jacob West, chief technology officer for Hewlett Packard's Enterprise Security Products business, explained at a recent conference in Washington D.C. These new actors are highly focused and work collaboratively -- something they did not do a decade ago, he said. Sophisticated cyber attackers now work in teams, with certain groups specializing in certain technical areas, such as software or malware writing. Each of these groups contributes its skills to the "kill chain" of a cyberattack. "We see this specialization resulting in a much higher caliber of effectiveness."

Federal agencies need to learn more about how cyber attackers work, Wes said, to counter them and learn better ways to collaborate internally. Organizations need to be better at sharing intelligence with one another and industry. Without this collaboration and cooperation, he said, the fight against cyber attackers is stacked in favor of the attackers.

[The Internet of Things brings with it a world of security questions. Read Internet Of Things Intrigues Intelligence Community.]

Richard Hale, the Defense Department's deputy CIO for cybersecurity, said one of the challenges faced by the government is that there is still a poor understanding of adversaries' goals. This is because most attacks tend to appear initially as data theft instead of intelligence gathering or espionage. He noted the DOD's particular challenge of getting its mission accomplished in the face of a capable adversary. One of the disadvantages faced by the military and government in general is that adversaries need only succeed at least half of the time, he said.

Defense Department deputy CIO for cybersecurity Richard Hale.
Defense Department deputy CIO for cybersecurity Richard Hale.

The Department of Homeland Security is the chief government agency responsible for coordinating cyber defense, mitigating attacks, and responding to them, said Phyllis Schneck, the DHS deputy under secretary for cybersecurity. She described these efforts as a "cleanup-in-aisle-nine" process managed through the DHS's National Cybersecurity and Communications Integration Center. Information sharing is critical to this process. The office plays a key role in this process, she said, and every part of the DHS has its own cyber component.

The DHS is helping defend federal infrastructure through programs such as Einstein, a continuous diagnostics and mitigation system that scans civilian government systems for signs of intrusion and data breaches, Schneck said. The government is at a very good place to share information openly with the private sector and academia on security issues. The DHS is also using big data tools to manage and observe networks, which allows for improved defense against zero day and botnet attacks. Collaboration is helping federal agencies work together and create a better picture of an attack through information sharing, she said.

Despite the progress made by the DHS on the federal side, industry needs to do more. A priority for 2015 is active collaboration between companies on security issues, according to West. In the past, he said, firms didn't share security information and viewed their network security as a competitive advantage. But with the recent pace of major data breaches, there has been a sea change in how firms view information sharing on this issue. The coming year, he predicted, will see more active collaboration such as sharing best practices and working more closely with the government.

Considering how prevalent third-party attacks are, we need to ask hard questions about how partners and suppliers are safeguarding systems and data. In the Partners' Role In Perimeter Security report, we'll discuss concrete strategies such as setting standards that third-party providers must meet to keep getting your business, conducting in-depth risk assessments -- and ensuring that your network has controls in place to protect data in case these defenses fail (free registration required).

Henry Kenyon is a contributing writer to InformationWeek Government. He has covered Government IT and Defense markets since 1999 for a variety of publications including Government Computer News, Federal Computer Week, AFCEA's Signal Magazine and AOL Government. View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

How SolarWinds Changed Cybersecurity Leadership's Priorities
Jessica Davis, Senior Editor, Enterprise Apps,  5/26/2021
How CIOs Can Advance Company Sustainability Goals
Lisa Morgan, Freelance Writer,  5/26/2021
IT Skills: Top 10 Programming Languages for 2021
Cynthia Harvey, Freelance Journalist, InformationWeek,  5/21/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Flash Poll