The current cybersecurity environment is a challenging one for the Federal Government. Multiple variables have aligned to make security of government networks and data paramount in the minds of federal IT decision makers and security experts.
There are a number of reasons why ensuring trusted computing systems is a persistent challenge:
- First, the threat landscape is changing, and the ecosystem of adversaries is growing. Federal cybersecurity professionals must understand, prepare for, and respond to the actions of an increasingly complex combination of intruders, ranging from hackers with a range of political and economic motives to cyberterrorists and hostile nation-state threat actors.
- Second, and coincident with the growing threats to computing and communications systems, the Federal Government, like most global enterprises, continues to move its essential, mission-enabling applications and data to the cloud or other virtual storage environments.
- Third, a number of government-wide initiatives are adding pressure on those responsible for designing trusted cyber operations. Among these mandates are the Federal Digital Government Strategy, which requires agencies to increase their ability to deliver core constituent services and information in ways that allow mobile device access, and the Telework Enhancement Act of 2010, which mandates broader participation by Federal employees in remote working arrangements. These programs are intended to enhance productivity, improve user experiences, and eliminate unnecessary cost and bureaucracy. They also expand the opportunities for malicious attackers to access government data and systems through more devices and applications and by introducing new threat vectors.
- Fourth, with the nearly universal reliance on Web-based applications and services today, many cyber-attacks—nearly 70 percent—presently are taking place at the Web application layer. That means that Website and Web application attacks constitute the single largest source of threats to most users, greater than spear phishing and mobile device attacks. The pervasive nature of Web-based vulnerabilities is evidenced by the fact that more than two-thirds of organizations report they have been hacked through their Web applications and Websites during the past two years.
Unfortunately for the Federal Government, the traditional means of protecting networks and data from attack have been mostly reactive. Anti-virus software and software patches that minimize vulnerabilities and mitigate threats often are created once an attack has been launched and valuable information assets have been exploited. Similarly, blocking the IP addresses of known adversaries is only as effective as the latest identification list. Because many hackers use multiple IP addresses, the ability to stay ahead of their malicious activities and ensure effective network security is understandably limited.
Ultimately, many security measures implemented across government enterprises today are designed to react to attacks, track the extent of damage or loss, and block known attackers from repeating past actions. The good news is that new solutions are now available that can do more, are pro-active, and actually can deter attacker behavior.
Among these technologies are techniques that can identify suspicious network activity, build a profile of the individuals responsible for these actions that reveals more than just the IP address, and work to deceive those with malicious intent into paths that lead away from valuable data and devices. When an attacker is identified, software tools can be employed to protect the original target files and replace them with facsimiles and fake information intended to distract the attacker's attention and turn their interest away from the enterprise network. Individual attackers and devices can be profiled by using their unique IP address in combination with a number of other variables.
With the threat level rising and the government more at risk than ever, simply responding to cyber attacks is no longer enough. By embracing new security strategies that intentionally deceive and tie up attacker resources, agencies can continue to understand who is after their valuable intellectual property and what the highest value vectors are. Gradually, Federal cybersecurity professionals will be able to pro-actively deter many threat actors and protect sensitive data, instead of simply trying to mitigate the damage after the fact when security incidents occur.
For additional information and to see a demonstration of these exciting security technologies in action, register for Juniper’s upcoming Defend by Deception Webinar. Additional information and registration details are available HERE.