How cybercrime feeds on modernization

Featured eBooks
The State of Trust in Government
Cybersecurity in State and Local Government
Building Data Literacy in the State and Local Workforce
By Anthony Giandomenico
 

Connecting state and local government leaders

By Anthony Giandomenico

|

As agencies revamp their security infrastructure as they modernize, they must look for security solutions based on threat intelligence that illuminates today’s attack vectors and tactics.

Government agencies have long been a target for cybercriminals. While some attackers focus on stealing and selling personally identifiable information and other secure data, nation-state groups seek access to classified information and hacktivists look to disrupt daily operations.

Even as agencies come under increasingly sophisticated attacks, they continue to expand their network architectures to support digital transformation efforts and keep up with the demands of the constituents they serve.  

As transformation efforts demand government networks become more distributed, renewed emphasis must be placed on simultaneously strengthening cybersecurity infrastructure and policies that are based on threat intelligence that illuminates today’s attack vectors and tactics.

Modernization of government networks

In order to keep pace with digital transformation requirements and the demands of constituents, IT modernization has become a key priority at government agencies. While government networks have long relied on legacy IT infrastructure, primarily on-premises servers that kept networks isolated, that isolation -- which was once beneficial for security purposes -- is no longer practical.

Initiatives such as the Modernizing Government Technology Act call on federal agencies to expand their networks using software-, infrastructure- and platform-as-a-service applications, the internet of things and more. While moving federal workloads to the cloud offers benefits in terms of cost and scalability, maintaining security during modernization is easier said than done. Shifting networks from closed to open without considering how to seamlessly integrate security across the new distributed environment can lead to a security patchwork solution that creates gaps for criminals to exploit. 

For example, as cloud use through SaaS and IaaS increases, so has encryption. Our Threat Landscape Report for Q3 of 2018 shows the percentage of HTTPS traffic traversing networks has risen from 55.4 percent to 72.2 percent over the last year. This increased use of encryption can leave government networks susceptible to attacks if not done correctly, as it can result in diminished performance due to the overhead of proper inspection and in reduced visibility into protected data.

To combat this sort of inadvertent problem, security must be accounted for with each act of modernization.

To address these sorts of challenges, the federal government has developed cybersecurity initiatives in conjunction with those for modernization to minimize the new risks being introduced by digital transformation. The Cybersecurity Executive Order, for example, emphasizes using modernization efforts to increase defenses from advanced threats, while Trusted Internet Connection 3.0 addresses security changes brought on by cloud adoption.

These programs aim to ensure that federal agencies have the infrastructure in place to combat threats that are now more imminent due to cloud and IoT environments. Cybercriminals are targeting and infiltrating networks, especially those expanding their footprint in some way, according to our Q3 threat intelligence. In that quarter alone, there were 7,925 unique exploits detected, each of which represents a potential unauthorized entryway into a modern network.

As agencies adopt and perfect new modernization strategies and transformation solutions, they should do so with these specific attack vectors in mind:

Mobile malware made its mark among the 34,148 unique malware variants detected this quarter, with 26 percent of organizations reporting malware targeting mobile devices such as tablets and smartphones. As government networks become more open to allowing mobile devices to leverage cloud applications, they must be wary of this targeted form of malware.

IoT exploits have also been used as attack vectors by cybercriminals this quarter. Exploits in connected devices such as printers, routers, telephony equipment and more have become common ways criminals try to execute a broader network breach.

Cryptojacking, the unauthorized use of an organization's computers to mine cryptocurrency, remains a common tactic for cybercriminals. Because cryptojacking does not steal data or visibly alter daily abilities, it may be deprioritized by security teams working to improve security infrastructure. However, new cryptojacking versions damage or disable security systems, opening a possibility for a secondary intrusion. As a result, IT teams should be on the lookout for uncommonly high resource consumption.

Botnets remained a prevalent threat this quarter with Gh0st, Pushdo and Andromeda being some of the most notable. Additionally, IoT botnets such as Reaper and even Mirai were on the rise, with new variants that make them more potent. As botnets continue to evolve, IT managers must be wary of those that have machine learning or analytics capabilities, allowing them to locate efficient exploits.

Get ahead of the threat

As government agencies work to protect their networks from these and other threats brought on by digital transformation, there are a few steps they can take.

First, agencies must secure their expanding networks with an integrated and automated security approach. Integration ensures that as the network becomes more open and distributed, each solution that is selected and deployed works together with other security solutions to ensure there are no gaps in protection. This approach reduces the risks brought on by a patchwork of security solutions and enables every connected solution to issue automated responses to detected threats. 

Second, government agencies should rely on global and local threat intelligence to inform the solutions and policies they deploy. This will ensure security teams are to date on the exploits and attack vectors cybercriminals are focusing on, both worldwide and within their own networks.

Finally, practicing strong security hygiene can go a long way toward reducing threats within government networks, especially those brought on by employees.

Government IT modernization means building a more distributed network that incorporates IoT devices, cloud infrastructure and SaaS applications. Unfortunately, for all the benefits that modernization brings, it also means more entryways for cybercriminals to exploit. As agencies revamp their security infrastructure as part of the digital transformation process, they must leverage threat intelligence to guide their strategic directions and employ security solutions that can consistently consume that information to detect and respond to threats in an integrated and automated manner.

NEXT STORY: Lapsed TLS certificates erode federal website security during shutdown

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.