It's difficult not to be aware of the cyber breaches and incidents hitting the news of late. Whether it is the recent Office of Personnel Management breach that potentially disclosed sensitive information on millions of federal workers or the NSA website being hacked, cyber is in the news.
Rarely has there been a time when cyber attacks have been so far reaching, impacting all sectors, public and private. Historically, the cyber headlines seemed to be made up of breaches and attacks at the commercial brand mega stores. This created a prevalent and easy-to-embrace feeling that if I am not a consumer at these stores, such as Barnes & Noble or Target, I have nothing to be concerned about.
One could have the false sense of security that surely these Fortune 500 companies will protect my sensitive information; or perhaps you were potentially impacted and received a form letter entitling you to free credit checks, which you disregarded and tossed aside. Consider the surreal reality of suspected North Korean actors hacking Sony Pictures in retaliation for a movie release they viewed as objectionable. These are just a few of the cyber security incidents that have hit the news radar, and they do not include the many events that have occurred under the radar. This underscores the critical importance of cyber security in our daily operations, as these attacks have widespread and far-reaching impacts and the potential to hit everyone, in all sectors.
Most attacks start at the micro level with one compromised system, such as an unsuspecting end user opening a malicious link, or a system administrator inappropriately using the root account to install unapproved software with vulnerabilities. Other attacks achieve remote code execution against insecure websites through SQL injection or cross-site scripting. There are many exploits for common software (e.g., MS Office, Internet Explorer, Adobe Flash) that cyber professionals and system administrators constantly guard against by managing risk, applying patches and hardening systems.
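To make the SQL injection and cross-site scripting mentions above concrete, here is an added example (not code from the original article or from the Army) that places a vulnerable login check and a vulnerable HTML greeting beside their hardened forms. The in-memory `users` table, the `alice` account and the inputs are constructed for the demonstration only; the hardened versions rely on parameterized queries and output encoding, which are the standard mitigations.

```python
import html
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory table for the demo; a real system would store
    salted password hashes, never plaintext."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse')")
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # Concatenating user input into the statement lets the input change the
    # query's structure, so a crafted password can satisfy the WHERE clause
    # without knowing the real credential.
    query = (
        "SELECT COUNT(*) FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(query).fetchone()[0] > 0


def login_hardened(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # Parameterized query: the driver binds the values as data, so quotes or
    # keywords in the input are compared literally, never parsed as SQL.
    row = conn.execute(
        "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] > 0


def greeting_vulnerable(display_name: str) -> str:
    # Reflecting user-supplied text straight into HTML is the root of
    # cross-site scripting: any markup in the name becomes part of the page.
    return "<p>Welcome, " + display_name + "</p>"


def greeting_hardened(display_name: str) -> str:
    # Encoding for the HTML context turns <, >, &, " and ' into entities,
    # so the browser renders the name as text instead of executing it.
    return "<p>Welcome, " + html.escape(display_name, quote=True) + "</p>"


if __name__ == "__main__":
    db = make_db()
    crafted = "' OR '1'='1"  # constructed test input
    print("vulnerable login with crafted password:", login_vulnerable(db, "alice", crafted))
    print("hardened login with crafted password:  ", login_hardened(db, "alice", crafted))
    print(greeting_vulnerable("<b>alice</b>"))
    print(greeting_hardened("<b>alice</b>"))
```

The two vulnerable functions keep the defect on purpose so the difference is observable: the same crafted input that logs in through `login_vulnerable` is rejected by `login_hardened`, and the same markup that survives `greeting_vulnerable` comes out of `greeting_hardened` as inert text. In a code review, the things to look for are string building around SQL and any template or handler that writes request data into a response without encoding.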
However, attackers need just one vulnerability, a single opening to exploit, to penetrate a network and impact one of the tenets of security, whether confidentiality, integrity, or availability. Impact on any of these can marginally or massively disrupt operations. In some cases it is a drip phenomenon, in which cyber analysts don't detect the attack until months later because the adversaries use stealth techniques to cover their tracks and steal data incrementally, undetected.
Hackers may use phishing emails, which appear benign but carry malicious software, to penetrate network security. Unsuspecting users may also submit their personal information into a fake website, compromising their personal and/or professional account information. Once a hacker has access to an Army computer network, the hacker may be able to disrupt unit command and control, as well as exfiltrate critical information that could impact the unit's mission. As these attacks grow more provocative and sophisticated, it is the responsibility of all of us, cyber professionals and system users alike, to be more cognizant of proper security.
The cyber landscape has become the medium through which attackers steal or manipulate personal information, violating confidentiality and integrity. Our missions all rely heavily on automation, and any disruption can have major consequences for vital operations. Attackers' motives may be personal, such as financial gain through cyber fraud; script kiddies attack for the sheer thrill; and malcontent attackers may advance a political agenda as state or non-state actors. Worse yet, their tactics may couple cyber attacks with conventional means to threaten our security.
Regardless of intent, doctrine has changed just as the traditional war front has changed, with an additional dimension. We must protect our interests via air, land, sea, and now cyber. These actors, state or non-state, are expanding their threat vectors, and we have to be ready at both the individual and the enterprise system level.
The Army has made major inroads with training that creates awareness of cyber threats. This foundation is where it starts. The technical controls have to be implemented at the enterprise level, but the common denominator is user access, on which the tiered approach to security relies.
A common refrain in the Army is that we all serve as property book officers, because property is everyone's business: protecting equipment and being good stewards of taxpayers' money. Another adage should be added to our collective consciousness: "We are all cyber warriors playing a critical role in protecting vital information and network security."
Here are some important rules to follow to practice cyber security:
- Use the proper classification level for correspondence to protect personally identifiable information and sensitive information, ensure there are no cross-domain violations, and exercise good operations security for all communications, including social media engagement (Facebook, Google+, Twitter, LinkedIn, Foursquare, etc.).
- Don't post sensitive work information or photographs (some include geo-locations) on the internet; always assume a threat adversary is reading your material. Additionally, be careful about whom you allow into your social network.
- Always secure your common access card and practice good 'cyber hygiene' so as not to fall prey to phishing scams or click on suspicious links that may deliver malicious payloads or lead to unintended sharing of personal information on fake websites.
- Be cognizant of social engineering tactics that exploit one of the weakest links, human behavior. Manage our network boundary by never connecting unauthorized devices.
- Manage password complexity on systems you use that don't require a public key infrastructure certificate. It's about managing the intersection of human behavior and technical controls to minimize cyber risk through policies and technical guides.
- Be wary of open wireless networks, where attackers can capture traffic and harvest sensitive information such as passwords and banking details. Always connect via VPN if one is available to protect your information, or minimize your use of open wireless networks.
We all play vital roles as links in the defense of our networks, or more appropriately, as cyber warriors. Let us all be security conscious throughout the year and enhance our security posture across the spectrum of our operations.
By Asheesh Nikore, 335th Signal Command, U.S. Army
Provided through DVIDS
About the author: Mr. Asheesh Nikore works as a Cyber Security Professional (Information Assurance Manager) at the 335th Signal Command (Theater) in East Point, Georgia, in support of risk management and maintaining secure operations. As a citizen soldier, Capt. Asheesh Nikore is a 15-year veteran of the U.S. Army Reserve as a Signal officer and currently a Cyber Defense Detachment Commander within the DISA Army Reserve Element, leading Defensive Cyber Operations. With a BS in Engineering from Georgia Tech, he holds his CISSP, CEH, ITILv4, Security and Network Plus certifications.