Congressional leaders cite growing U.S. cyberattack vulnerability
- By Kris Osborn
- May 12, 2017
Congressional leaders are raising alarm about increasing U.S. vulnerability to cyberattacks and expressing concern that current military deterrence activities fall well short of what is needed.
Sen. John McCain, R-Ariz., chaired a May 11 Senate Armed Services Committee hearing on cybersecurity, stating that the U.S. effort is substantially lacking.
“We face a growing variety of advanced threats [in cyberspace] from actors who are operating with evermore sophistication, speed and precision.’ We’ve heard how the lack of a strategy and policy continues to undermine the development of meaningful deterrence in cyberspace. The threat is growing, yet we remain stuck in a defensive crouch, forced to handle every event on a case-by-case basis, and woefully unprepared to address these threats,” McCain stated at the May 11 event.
A threat analysis cyber study cataloguing 2017 attacks lends evidence to support McCain’s claim, finding that the U.S. military and other federal government entities are experiencing a quickly increasing number of data security breaches.
When compared with healthcare, retail and financial sectors, the U.S. federal government has had the highest acknowledgement of data breaches, according to a corporate-sponsored 2017 Vormetric Data Threat Report released in February of this year.
“The amount of increase in cybersecurity spending is lower than any other sector, due to a lacking federal budget and increase in breaches,” Wayne Lewandowski, vice president, federal, Thales e-security.
Thales and other corporations, such as Oasis, Nutanix, Fusion Storm and others, sponsored an independent study to inquire about specific elements of cyberattacks.
The study found that federal data breaches, including U.S. military networks, increased from 22-percent to 34-percent in 2016, Lewandowski said.
The threat assessment report also found that higher-level government employees, such as executives, credentialed employees, flag officers and members of the Senior Executive Service, were targeted more often due to their consistent access to sensitive materials. While classified networks were, of course, attacked, the study found that non-secret but important information such as items labeled FOUO (For Official Use Only) were targeted more often because they have a lower level of protection compared with classified information.
While respondents across the full spectrum of categories reported experiencing increased vulnerability to cyberattacks, government networks had the highest percentage of identified data breaches; 65-percent of federal government organizations said they have had a breach, a number larger than the other areas. Healthcare respondents reported a 47-percent breach, retail found a breach rate of 52-percent and the financial sector identified 42-percent.
Thomas Sasala, Director of Army Architecture Integration Center in the Office of the Army Chief Information Officer, told a group of systems integrators at a Washington Technology event on securing the cloud that there has been a significant increase in application level attacks. “They occur inside the perimeter you spent millions of dollars protecting,” he said. The Army is using encryption and is reducing and centralizing the number of enterprise data centers to defend the data.
Lewandowski said that although criminal actors comprised a large percentage of the attackers, findings also showed that there was a major risk from state and non-state adversaries of the U.S. military. He made the observation that not only does the U.S. military need to strengthen cyber defenses – but that there was a growing need to increase offensive attacks designed to thwart would-be intruders.
There is clearly consensus that more needs to be done, given the pace of technological change. However, there have been a number of U.S. military service cyber-specific offensive and defensive activities underway.
In recent years, the Navy completed a special Task Force Cyber Awakening initiative aimed at better protecting the growing extent to which weapons systems are networked and cyber-reliant. The Air Force also recently stood up special “cyber squadrons” tasked with increasing cybersecurity practices, hygiene and overall awareness across the services.
Also, the Air Force has been working with industry to establish and refine more offensive tactics such as cyber-deception. This approach uses automation and computer technology to present an intruder with the image or impression that a human user is conducting cyber operations managed by a computer. The technique seeks to identify and thwart cyber attackers without placing any sensitive data at risk.
Kris Osborn is a former editor of Defense Systems.