Last month was National Cybersecurity Awareness Month, which cyber professionals, the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cyber Security Alliance (NCSA) describe as an opportunity to “…raise awareness about the importance of cybersecurity across our Nation, ensuring that all Americans have the resources they need to be safer and more secure online.”
And now is an ideal time to discuss the cyber threats facing government networks. Instances of cyberattacks and cyber breaches are skyrocketing across many industries, and the recently released CrowdStrike Threat Hunting Report shows that government agencies are experiencing a more than 5 percent increase in e-crime incidents and cyber intrusions.
What do government agencies need to do to protect themselves? Have the security steps they’ve taken in the past year made them any more secure? And what, if any, impact are world events, such as the COVID-19 pandemic, having on cybersecurity?
To get the answers to these questions, we sat down with Don Maclean, the Chief Cyber Security Technologist at DLT Solutions. Here is what he had to say:
GovCyberHub (GCH): What are some of the largest cyber threats facing government agencies and organizations today? What do public sector organizations need to be aware of?
Don Maclean: Ransomware, credential theft, and exploitation of the pandemic. CrowdStrike, a vendor partner of DLT, publishes a world-class threat report every year, and their research shows an uptick in all these areas. We are also seeing an uptick in scams that seek to exploit the COVID epidemic, generally through phishing campaigns.
Government agencies typically train staff not to respond to phishing e-mails, but rarely measure the true effectiveness of that training. Be aware that bad actors have no qualms about exploiting others’ misfortunes. And be extra vigilant about cybersecurity – in general – and phishing attacks – in particular.
GCH: Last month was Cybersecurity Awareness Month. Would you say that the government and its agencies were more secure from cyber threats in October 2020 than they were in October 2019?
Don Maclean: I would say they are more secure than last year, but only slightly. DHS has done some great work to raise awareness, and the advent of CMMC for DoD contractors shows a clear commitment to keeping our nation safe from intruders.
These efforts take time to bear fruit, however, and the most chronic problem – a workforce shortage – continues to plague the industry.
GCH: What unique cybersecurity challenges and cyber threats are public sector organizations facing this year that may be new or unique? How are some of the unique situations and events of 2020 impacting cybersecurity?
Don Maclean: Obviously, the pandemic is affecting all aspects of our lives, including cybersecurity. A huge percentage of the workforce is working from home, often using unsecured or poorly secured personal devices; the attack surface has expanded dramatically.
Election security is also a huge issue. Elections are administered primarily at the state and local level, where officials must deal with a large upsurge in voting by mail and early voting.
GCH: Looking forward, what are some of the things that government organizations should be looking to change or implement in the coming year to help make them more secure from cyber threats? What should their security priorities be in 2020-2021?
Don Maclean: The CrowdStrike report I mentioned earlier states that many successful intrusions took place on systems whose administrators had software that could have stopped the intrusion – but simply had not installed or deployed it. So, a key priority is to recognize that the pandemic is heating up the pace of attacks, so it is essential to use all resources – particularly those already available – to defend against the increased threat.
GCH: Is that something that is universal across the entire government, or are the priorities different from sector to sector, and agency to agency?
Don Maclean: While each agency has some unique requirements, the fundamental approach is fairly similar in civilian agencies and the military.
A few years ago, for instance, the DoD decided to replace their DIACAP security framework with the NIST Risk Management Framework, which formerly had been for civilian use. Conversely, the civilian sector is now looking closely at the CMMC framework, currently aimed at defense contractors.