Protect against insider threats with intelligent security
- By Dale Ludwig
- Apr 19, 2021
For those in the public sector, the attention and spending on security and hardening computer networks against cyberattacks has never been higher. Whether motivations for nefarious activity are espionage, financial gain or just plain business disruption, cybersecurity threats continue to grow in numbers and complexity and have significant effects on the day-to-day business of government.
Just like the motives behind cyber threats, the actual attacks themselves can be widely varied. Today’s government organizations must be on the lookout to combat all types of threats, including malware, denial-of-service attacks, zero-day exploits, ransomware, DNS attacks and many more. Overall, agencies have done a very good job policing these attacks from outsiders, but they may need to start paying more attention to a surprising threat -- their own employees. Insider threats have become an alarmingly significant source of risk. In fact, according to a recent report by Verizon, 34% of all data breaches in the public sector are committed by insiders -- whether intentional or unintentional.
For government agencies, internal security and data protection usually focus on software-driven issues. Virus scanners and firewalls are the most common countermeasures for fighting off cyberattacks. However, the authentication of users and the authorization of access are central and fundamental components of modern internal security. This makes the go-to first step of data security the use of passwords -- which are unfortunately all too easily forgotten, changed too rarely or accidentally disclosed to third parties due to negligence.
The human interface device, the keyboard, is often overlooked when agencies consider implementing internal security measures. It is also the place where almost all insider threats begin. Agencies should prioritize the use of security-enhanced keyboards that can stop threats before they can even be entered into the network.
Many well-known thin-client manufacturers already support the use of secure mode and have integrated the necessary software for deploying secure keyboard. These devices offer two-factor authentication using a smart card, and many now come equipped with a contactless card reader that can read RFID and NFC cards or tags. These new security-equipped keyboards can make an array of secure applications possible; for example, secure keyboards can be used as ID systems for closed user groups, and agency IDs can be easily read in. They can then be partnered with innovative mouse technology that integrates fingertip sensors for user authentication, greatly improving security.
Keyboards can also now be built with a secure mode that ensures maximum protection from "BadUSB" attacks. This means that the authenticity of the device is verified on a certificate-based basis, and the key transmission is encrypted, making it impossible for hardware keyloggers to access sensitive access data and passwords. By blocking the standard keyboard channel, USB sticks that log onto the system as a keyboard cannot inject uncontrolled entries and malicious codes.
With external bad actors constantly finding new ways to attack and threaten data, government agencies must constantly be adjusting and innovating the way they protect themselves. Unfortunately, that means being aware that sometimes cybersecurity threats come from within. Threats have become even more complicated with work from home mandates and a constant increase in the number of devices connecting to the network. Leveraging secure keyboards is a very strong first step in combating internal threats and winning the security battle.
Dale Ludwig is a business development manager at CHERRY.