How Governments Can Mitigate Rising Cyberattacks


Is your agency talking to its ISP, using multiple data centers and monitoring its networks?

With 2015 nearing a close, Fortune magazine recently reported that the word of the year may be “cybersecurity.” It was a year when cyberattacks continued to make headlines:

  • One in three Americans had their information exposed when U.S. health insurance firm Anthem had 80 million customer records breached.
  • One hundred thousand taxpayers had their information compromised in a breach at the Internal Revenue Service.
  • In June, it was estimated that 4 million people’s information had been hacked in a breach at the Office of Personnel Management. But on July 9, 2015, that number exploded to 21.5 million, when a second breach at the agency was revealed.

We live in the age of mega-hacks, where no entity appears to be immune from being a target. Government is definitely vulnerable, and agencies have a huge responsibility to protect their digital assets, including intellectual property, agency and constituent data, and financial and classified information.

The risk to government from cyberattacks is increasing exponentially. In a June 2015 survey of federal government CIOs, 28 percent of respondents said attacks were up 50 to 100 percent during the past year. Six out of 10 state chief information and security officers from 49 states said the sophistication of attacks was increasing, according to an October 2014 report from the National Association of State Chief Information Officers and the consulting firm Deloitte & Touche LLP.

Attempting to hack into government computer systems constitutes criminal activity. However, the motivations for doing so vary greatly. There are three primary categories of threat actors, the individuals or groups who initiate cyberattacks:

  • Nation-state sponsored threat actors are those who perpetrate cyberespionage on behalf of foreign governments, often with the intention of pilfering research and development data or intellectual property or to spy on government operations. Typically, their purpose is to steal information that can be useful in gaining geopolitical power or that can be used against a rival nation.
  • Hacktivist threat actors strike to draw attention to a specific cause. Their attacks generally are designed to disable government websites or defame them as a way to stage online protests. Anonymous is one such group.
  • Commodity or sport threat actors conduct cyberattacks for sport and typically work on their own and for their own purposes. They may attempt to infiltrate websites “for fun” to test and improve their hacking skills. These threat actors also may try to breach an entity as a way to make a name for themselves within the hacker community.

Attacks on the Rise

Several factors are contributing to the rise in attacks on government:

  • High-profile civic unrest. After the August 2014 shooting of teenager Michael Brown in Ferguson, Missouri, for example, hackers told city government they would “take every web-based asset of your departments and governments offline.” They then made good on the threat, leaving the city with the sole option of conducting business via phone and text messages for several days. Months later, when the nation waited to hear whether the police officer who shot Brown would face charges, the FBI warned government agencies across the country that they could be subject to cyberattacks.
  • Controversial government decisions. In the last couple of years, Utah has seen an acute uptick in hackers trying to breach state computers. Utah Public Safety Commissioner Keith Squires said that, on some days, the number of attempted attacks has reached 300 million, and he attributes the sharp increase to the opening of an NSA datacenter near Salt Lake City. Controversial legislation also can accelerate cyberattacks. For example, after the passage of the Religious Freedom Restoration Act in Indiana in late March 2015, the Indianapolis Star reported on April 3 that, in response to the legislation, a hacker group temporarily disrupted access to the state’s website.
  • Ease of launch. Attacks also may be increasing due to the prevalence of personal computers with high-speed Internet access, which has expanded the number of possible attack sources. In addition, certain types of attacks are cheap and easy for almost anyone, regardless of technological skill, to initiate. For example, as advertised on the Internet, for $6 a month an attacker can purchase a DDoS (distributed denial of service) subscription that can facilitate an attack with a small number of clicks and claims to virtually eliminate the chance of getting caught.

What Government Can Do to Reduce the Risk

Apart from the rare instances when hackers announce in advance that they are targeting a certain site, attacks occur without warning, and government can do little to prevent them. Agencies can, however, take action to reduce the risk of harm. In particular, they can take steps to protect themselves against and help mitigate the effects of a DDoS attack, including:

  • Agencies should, at a minimum, talk to their Internet service providers before an attack happens. An agency needs to understand how its ISP handles traffic associated with DDoS attacks that attempt to take the agency’s services offline by flooding a website with bogus traffic beyond what the site can handle. Agencies need to confirm that the ISP has a service it can engage to reroute all traffic through a filter to clear out the “bad” requests and then reroute legitimate traffic back to the agency. If the ISP doesn’t have something in place to handle this situation, and an agency is attacked, costs to mitigate the attack potentially could be exorbitant.
  • Government can consider storing data in multiple data centers. Spreading out storage in several locations makes it hard for hackers to compromise all of an agency’s data in an attack and has the added benefit of reducing the agency’s storage costs. Agencies that are more susceptible to being targeted, such as the state police or departments of revenue, should consider migration to locations outside of government’s central data centers.
  • An agency should actively monitor its networks for suspicious activity, or engage a third party to monitor its network, and take immediate action to mitigate an attack if one occurs. Ideally, the provider will offer automated mitigation that addresses the attack and restores service within a few minutes. The third-party provider also should maintain a team that can respond quickly to every attack, ensuring that mitigation is happening promptly and correctly and that any needed follow-up steps are taken to better prepare and defend against future attacks.

Undoubtedly, government is a top target for hackers. While attacks are unpredictable, agencies can take steps to prepare for and mitigate the effects of such an attack. With preparation and the right partnerships, agencies can be better equipped to protect their digital assets and manage attacks when they happen.

(Photo by Mark Van Scyoc / Shutterstock.com)
