Strategies for Dealing with Latest Cyberattacks: The Need to Reinvent the Wheel

If you regularly read security-related news, you have undoubtedly seen items about the growing number of targeted attacks against sensitive US government and commercial sector computing systems. Although the attack methods have varied widely, many of them have involved sending malicious attachments to selected US government or private sector employees. If opened, the attachment implants malicious code in the system of the unsuspecting target. Once in control of the infected system, the malicious code covertly notifies the attacker that it has taken hold. The attacker then gains backdoor access to the infected system with full privileges, leaving no indication of the activity whatsoever. The only real common denominator is that systems keep getting broken into time after time.

Last year the Bush Administration reportedly became very concerned about these new, highly successful attacks. Last January President Bush signed the Cyber Initiative, which was intended to provide resources to major government agencies and departments in an attempt to stem the tide. These resources have, however, been slow to reach information security programs; meanwhile, if anything, the attacks are reportedly becoming more frequent and more damaging. The attacks originate from a plethora of different IP addresses (many of which are reportedly in the People's Republic of China), they are relentless, and the potential victims appear to have been very carefully chosen.

There is a huge paradox here, however. A good proportion of the systems that have been broken into had been secured in accordance with generally accepted system security principles. The government agencies and departments that received miserable grades for their security practices from Rep. Putnam of Florida not too many years ago are now receiving much better marks. They are using well-configured and well-maintained firewalls, intrusion detection and intrusion prevention systems, virtual private networks, and strong authentication, and they are keeping up better than ever with installing patches on their systems, yet the successful onslaught continues.

What is becoming increasingly evident is that a new security paradigm is needed if government agencies and departments, as well as the commercial sector, are going to succeed in defending their systems against this new breed of attack. New paradigms are proposed all the time, but many of the individuals who are in a position to do something about the problem do not know about them. Additionally, even among those who are aware of these paradigms and are sufficiently competent to evaluate them, there is little agreement about which one is likely to work best. Much of the latter problem stems from a lack of agreement about the criteria that should be used to evaluate new paradigms. The unfortunate result is that, all the while, information security functions within US government agencies and corporations stick with the "same old same old" approach to information security.

A new paradigm needs to be created soon, or, failing that, the most promising of the existing paradigms needs to be chosen soon. Then, more importantly, the controls and infrastructure that the new or winning paradigm calls for need to be put in place shortly afterwards. It is well past time to quit spinning our wheels: the problem is simply too serious.
