Lodinews.com

default avatar
Welcome to the site! Login or Signup below.
|
||
Logout|My Dashboard

Preparing for cyber warfare

Print
Font Size:
Default font size
Larger font size

Posted: Monday, July 21, 2014 10:00 pm | Updated: 1:36 am, Tue Jul 29, 2014.

(BPT) - Recently, emboldened Russian hackers breached the systems of power plants across the United States and Western Europe. In June, Chinese hackers attempted to gain access to several U.S. power plant operation control systems. And in May, the Department of Homeland Security announced hackers had actually gained control of a mechanical device at an unnamed U.S. energy facility.

These brazen cyber attacks on a critical infrastructure have raised new alarms within the information and homeland security sectors. Dr. Jane LeClair, COO at the, National Cybersecurity Institute notes that these types of incidents, in which hackers exploit  vulnerabilities within the country’s digital infrastructure, are referred to in military parlance as “prepping the battlefield.” Following other recent high profile data breaches at private companies such as Target, Michaels, and eBay, and the digital bomb that was left in NASDAQ in 2011, the question is being raised – is America prepped to handle a contemporary cyber war?

While there may be no definitive answer to that question right now, it’s apparent the U.S. needs to look beyond the basics in cybersecurity like never before, says Dr. Sherly Abraham, program director for cybersecurity at Excelsior College. She emphasizes the need for a more proactive approach and comprehensive situational awareness.

Traditionally, the information security community has reacted to a cyber attack or discovery of a particular malware by developing an algorithm to identify the virus’s signature and then creating anti-virus software to prevent a future breach. But many in the security community argue in favor of training cyber professionals to “think like a hacker,” says LeClair. Many higher education institutions are now offering cyber programs that detail both offensive and defensive approaches.

The need for greater situational awareness and increased security education and training may seem like common sense, yet these are often underutilized or even ignored. Experts are urging private companies, organizations and governments to become attentive to the security strengths and weaknesses of their entire operational network - evaluating, monitoring and securing each device, user and service.

A strengthened posture of situational awareness also means taking into account individual weaknesses. Human error often is an organization’s largest cybersecurity vulnerability. Focusing on the human-side of the equation can help stave off social engineering, the criminal practice of using deception to trick an employee into giving up access to a company’s system or confidential information via clicking on a link that contains a virus or malware.

In fact, greater situational awareness and a proactive approach may have been able to prevent at least a few of the past data breaches. Data alerts surrounding the use of memory-scraping malware attacks against credit card companies were first issued in April 2013. A few days prior to Thanksgiving that year, malware introduced into Target’s security and payment system led to the theft of 40 million customer credit card numbers.

Did the merchant take the data alert warnings seriously enough? Even if they had, would this have prevented cyber intruders both at home and abroad (where there are reports of state-sponsored hacking efforts) from perfecting their craft? Industry analysts and commentators will continue to debate the issue. But what is certain is that better education and training can improve the likelihood that cyber-defenders not only heed attack signs in the future, but develop the necessary measures to build defenses against them before they are created in the first place.

Rules of Conduct

  • 1 Use your real name. You must register with your full first and last name before you can comment. (And don’t pretend you’re someone else.)
  • 2 Keep it clean. Please avoid obscene, vulgar, lewd, racist or sexually oriented language.
  • 3 Don’t threaten. Threats of harming another person will not be tolerated.
  • 4 Be truthful. Don't lie about anyone or anything. Don't post unsubstantiated allegations, rumors or gossip that could harm the reputation of a person, company or organization.
  • 5 Be nice. No racism, sexism or any sort of -ism that is degrading to another person.
  • 6 Stay on topic. Make sure your comments are about the story. Don’t insult each other.
  • 7 Tell us if the discussion is getting out of hand. Use the ‘Report’ link on each comment to let us know of abusive posts.
  • 8 Share what you know, and ask about what you don't.
  • 9 Don’t be a troll.
  • 10 Don’t reveal personal information about other commenters. You may reveal your own personal information, but we advise you not to do so.
  • 11 We reserve the right, at our discretion, to monitor, delete or choose not to post any comment. This may include removing or monitoring posts that we believe violate the spirit or letter of these rules, or that we otherwise determine at our discretion needs to be monitored, not posted, or deleted.

Welcome to the discussion.

Poll

Vote on the biggest local story in 2014: See poll below

It has been an eventful year in Lodi, from the antics of a wild turkey named Tom Kettleman to the announced closure of the General Mills plant. What do you see as the biggest story of the year?

Total Votes: 287

Loading…

Your News

News for the community, by the community.

Mailing List

Subscribe to a mailing list to have daily news sent directly to your inbox.

  • Breaking News

    Would you like to receive breaking news alerts? Sign up now!

  • News Updates

    Would you like to receive our daily news headlines? Sign up now!

  • Sports Updates

    Would you like to receive our daily sports headlines? Sign up now!

Manage Your Lists