Cloud migration, data center consolidation and big data strategies may all be in the purview of government agencies, but cybersecurity is directly under the spotlight.
Ever since the unforgettable and unprecedented breach of the Office of Personnel Management, government agencies have been under closer scrutiny from the media when it comes to cybersecurity. One example is the revelation that the Department of Homeland Security was running unpatched databases with "secret" or "top secret" designations. Another occurred when a survey of government workers revealed that 85 percent of respondents admitted to negating best practices for mobility.
On the surface, these instances may seem relatively venial; however, a new study reports that these headlines are not making mountains out of molehills.
The bull's eye on government's back
Control Risks' RiskMap Report 2016 has revealed that one-third of all targeted cyberattacks in 2015 were aimed at government organizations. Government data such as the personal information of federal employees can be used for any number of nefarious purposes, and was repeatedly targeted in 2015 – the OPM breach was not the only successful cyberattack. It just happened to be the one with the farthest-reaching consequences.
Russian hackers also managed to sneak one past government cyber security this past summer. According to The Daily Beast, email accounts of the Joint Chiefs of Staff were hacked in what the Department of Defense has referred to as the "most sophisticated" cyberattack ever orchestrated against the U.S. military. The breach managed to shut down unclassified email accounts, but no important data was stolen. What made the breach so alarming was its level of complexity, and some experts believe that this may not have been the work of a lone actor or an obscure hacking group.
"It was clearly the work of a state actor," defense officials said, according to NBC.
In a separate incident, government officials and telecom professionals were targeted via an espionage tactic called social engineering. Social engineering involves manipulation of people as a tactic for obtaining sensitive or classified information, and in the digital age, this can be orchestrated via social media. According to Dell SecureWorks, an Iran-based hacker group may have been responsible for the creation of 25 fake LinkedIn profiles that had several high-level connections in government and telecommunications. No motive for the profiles was ever identified, but some of the fake professionals were posing as recruiters for big-name technology firms such as GE. The situation fits the classic profile of a social engineering scheme, and highlights yet another way cybercriminals are targeting the government.
Threats to critical infrastructure
The government has also begun assessing cyberthreats to critical U.S. infrastructure, namely the electric grid. In early December, the House passed an energy bill mandating the Department of Energy and electric utilities to create plans that will keep the grid online in the event of a cyberattack, according to The Hill. Another important provision was the creation of a "Cyber Sense" program that requires the DOE to encourage the use of secure products for large power systems. An attack on the grid could result in national downtime of essential services, including transportation and defense solutions – such as surveillance – and the results could be catastrophic.
Therefore, ensuring the protection of critical infrastructure such as the power grid is just as important as securing federal IT services. Going forward, the ability to improve government technology solutions will depend largely upon federal agencies' ability to keep cyberattackers at bay, whether they are directly targeting government data or attempting to cripple critical infrastructure for some other malicious purpose.