I'm the new Chief Technologist for our Federal and National Government team, and I’m glad to be joining the conversation with all of you. Here's an interesting article from my colleague, Joe Kim, in which he argues that military IT professionals can and should adopt a more proactive approach to combating cyberattacks.
Today’s cyberattackers are part of a large, intelligent, and, perhaps most dangerously, incredibly profitable industry. These attacks can come in all shapes and sizes and impact every type of government organization. In 2015, attackers breached the DoD network and gained access to approximately 5.6 million fingerprint records, impacting several years' worth of security clearance archives. This level of threat isn't new, but it has grown noticeably more sophisticated—and regular—in recent years.
So why are defense organizations so vulnerable?
Brave New World
Military organizations, just like any other organizations, are susceptible to the changing tides of technology, and Warfighter Information Network-Tactical (WIN-T) offers an example of the challenges they face. WIN-T is the backbone of the U.S. Army’s common tactical communications network, and is relied upon to enable mission command and secure, reliable voice, video, and data communications at all times, regardless of location.
To help ensure “always on” communications, network connectivity must be maintained to allow WIN-T units to exchange information with each other and carry out their mission objectives. WIN-T was facing bandwidth delay and latency issues, resulting in outages and sporadic communications. They needed a solution that was powerful and easy to use. This is an important lesson for IT professionals tasked with adopting new and unfamiliar technology.
WIN-T also required detailed records of their VoIP calls to comply with regulatory requirements. Available solutions were expensive and cumbersome, so WIN-T worked with its solution provider, SolarWinds, to develop a low-cost VoIP tool that met their technical mission requirements.
The WIN-T use case demonstrates that defense departments are looking to expand and diversify their networks and tools. This has created a new challenge for military IT professionals who must seamlessly incorporate complex new technologies that could potentially expose the organization to new vulnerabilities.
Impact of a Breach
Military organizations are responsible for incredibly sensitive information, from national security details to personnel information. When the military suffers a cyberattack, there are far greater implications for it and for society as a whole.
If a military organization were breached, for example, and sensitive data fell into the wrong hands, the issue would become a matter of national security, and lives could be put at risk. The value of military data is astronomical, which is why attackers are growing more focused on waging cyberwarfare against military organizations. The higher the prize, the greater the ransom.
However, it's not all doom and gloom, and military IT professionals do have defenses to help turn the tide in the fight against cyberattackers. The trick is to be proactive.
Far too many organizations rely on reactive techniques for combating cyberattacks. Wouldn't it be far less damaging to be proactive, rather than reactive? Of course, this is easier said than done, but there are ways in which military IT professionals can take a proactive approach to cybercrime.
First, they should apply cutting-edge technology. Outdated technologies essentially open doors for well-equipped attackers to walk through. IT professionals should be given the support needed to implement this technology, if military organizations are serious about safeguarding against cyberattacks.
By procuring the latest tools, and ensuring internally that departments are carrying out system updates when prompted, military organizations can help protect themselves against the sophisticated techniques of cyberattackers.
Second, automation should be employed by military organizations as a security tool. By automating processes—from patch management to reporting—they can help ensure an instantaneous reaction to potential threats and vulnerabilities. Automation can also help safeguard against the same type of breach in the future, providing an automated response should the same issue occur.
Third, all devices should be tracked within a military organization. This may sound paranoid, but many breaches are a result of insider threats, whether it's something as innocent as an end-user plugging in a USB, or something altogether more sinister.
Automation can be used to detect unauthorized network access from a device within the organization, enabling the system administrators to track and locate where the device is, and who may be using it.
Despite the fear surrounding data breaches, military organizations are capable of standing firm against the next wave of innovative, ingenious cyberattacks.
Find the full article on Government Computing.