BATTLESPACE Updates

CYBER WARFARE, EW, CLOUD AND HOMELAND SECURITY UPDATE

October 21, 2016 by

20 Oct 16. ‘Not If, But When’: NSA Official Discusses Importance of Cyber Vigilance. In the wake of major intrusions into U.S. government computer networks over the last 24 months, the National Security Agency’s deputy national manager for national security systems outlined his agency’s role in developing cyber defense mitigations, and its critical response to public- and private-sector cyber incidents.
During his remarks Oct. 18 at the American Enterprise Institute, Curt Dukes offered an inside look at NSA’s incident-response work, and described the agency’s way ahead in improving government cyber defense in the aftermath of intrusions at the Office of Personnel Management, State Department, DoD’s Joint Staff and two commercial companies that conducted background checks for the U.S. government.
“The adversary took advantage of poorly secured, poorly patched systems,” Dukes said. “Once they had that initial foothold, they elevated privileges and then moved to mission objective, which was exfiltration of personally identifiable information, exfiltration of intelligence, or in some cases, the actual destruction of the host.”
Raising Costs to Adversaries
With so much at stake, Dukes said U.S. vigilance of computer networks is vital, and ultimately needs to stack the odds against cyber attackers.
“[An adversary] could easily attack us [and] achieve mission objective … so I want to raise the cost to the adversary,” he said. “By the time we actually respond to an intrusion — it takes hours to days — by then, in cyber time, an adversary has already met their objective.”
Dukes explained typical cyberattack life cycles and various mitigations that he said will force adversaries to alter their intrusion methods, while helping industry to better prepare the U.S. government and military for those types of attacks at each step of the cycle.
As networks become increasingly interconnected, Dukes said, adversaries will find proportionately more exploitation opportunities. He maintains that it pays to invest in network defense.
“Look at what we currently spend in remediation for the [Office of Personnel Management] breach … if we had put just one-tenth of that into good security at the very beginning, we’d have been much better prepared for any type of attack in that regard,” Dukes said of the 2015 intrusions that cost the government millions to address and impacted millions of current, former and prospective federal employees and contractors. “There’s an imbalance right now in what we spend on offense capabilities, and what we spend on defense.”
Cyberattack Lifecycles
The cycle, Dukes explained, begins with an initial exploitation of open-source literature or the defense industrial base. When a vendor wins a contract, that information becomes publicly available and adversaries use a phishing attack, such as crafting emails that appear to come from a senior official.
“They want you to either click on that link or open that attachment,” he said, “and this creates a classic spear-phishing avenue that they’re going to continue to use until we actually remove that as a capability for them.”
Dukes also described “watering holes,” in which adversaries lead unsuspecting users to a site they’ve already corrupted. “From that point,” he said, “they can then put the initial install onto your device, and get access through a classic thumb drive or some type of media.”
And, while these vulnerabilities help cyber attackers gain access to very basic network levels, their next move is to establish persistence, Dukes explained.
“It gives them the ability to have multiple ingress and egress points,” once they establish a virus and access to a network and its connectivity, Dukes said. “So they’ve maybe found that host, but they’ve already moved to other hosts and to multiple ways in and out of the network.”
But entry points, he noted, are only part of the problem.
“Once they understand your system, if you’re not particularly well-patche
