It's difficult not to be aware of the cyber breaches and incidents hitting the news of late. Whether it is the recent Office of Personnel Management breach that potentially disclosed sensitive info of millions of federal workers or the NSA website being hacked, cyber is in the news.

Rarely has there been a time when cyber attacks have been so far reaching, impacting all sectors, be it public or private. Historically, it seemed the cyber headlines were made up of breaches and attacks at the commercial brand mega stores. This created a prevalent, easy-to-embrace feeling that if I am not a consumer at these stores, such as Barnes & Noble or Target, I have nothing to be concerned about.

One could have the false sense of security that surely these Fortune 500 companies will protect my sensitive information. Or perhaps you were potentially impacted and received a form letter that entitles you to free credit checks, which you disregard and toss aside. Consider the surreal reality of suspected North Korean actors hacking Sony Pictures in retaliation for a movie release they viewed as objectionable. These are just a few cyber security incidents that have hit the news radar and are not inclusive of the many events that have occurred under the radar. This underscores the critical importance of cyber security in our daily operations, as these attacks have widespread and far-reaching impacts and the potential to hit everyone, in all sectors.

Most attacks take root at the micro level, as in one compromised system, such as an unsuspecting end user opening a malicious link or a system administrator inappropriately using the root account installing unapproved software with vulnerabilities. Certain attacks can leverage remote code execution and can be implemented on non-secure websites via SQL injection or cross-site scripting. There are many exploits within software (e.g., MS Office, Internet Explorer, Adobe Flash) that cyber professionals and system administrators constantly guard against by managing risk, applying patches and hardening systems.

However, attackers need just one vulnerability, only one opening to exploit, to penetrate a network and impact one of the tenets of security, be it confidentiality, integrity, or availability. Impact on any of these can marginally or massively disrupt operations. In some cases, it can be a drip phenomenon in which cyber analysts don't detect the attack until months later, as these adversaries leverage stealth techniques to disguise their tracks and incrementally perform data theft undetected.

Hackers may leverage phishing emails, which appear benign but may carry underlying malicious software, to penetrate network security. Perhaps unsuspecting users will submit their personal info into a fake website, compromising their personal and/or professional account information. When a hacker has access to an Army computer network, the hacker may be able to disrupt unit command and control, as well as exfiltrate critical information that could impact the unit's mission. As these attacks get more provocative and sophisticated, it is the responsibility of all of us (cyber professionals or systems users) to be more cognizant of proper security.

The cyber landscape has become the medium in which attackers want to steal or manipulate personal information to violate confidentiality and integrity. Our missions all heavily rely on automation, and any disruptions can have major consequences impacting vital operations. Attackers' motives may be personal in nature, for financial gain as in cyber fraud; they may be script kiddies attacking for sheer thrills; or they may be malcontent attackers representing their political agenda as state or non-state actors. Worse yet, their tactics may couple cyber-attacks with conventional means to threaten our security.

Regardless of intent, doctrine has changed just as the traditional war front has changed, with an additional dimension. We must protect our interests via air, land, sea, and now cyber. These actors, be they state or non-state, are increasing their threat vectors, and we have to be ready at both the individual and the enterprise system level.

The Army has made major inroads with our training to create awareness of cyber threats. This foundation is where it starts. The technical controls have to be implemented at the enterprise level, but the common denominator is user access, which the tiered approach to security relies on.

A common refrain in the Army is that we all serve as property book officers, because property is everyone's business to ensure protection of equipment and to be good stewards of taxpayers' money. Another adage should be added to our collective consciousness: “We are all cyber warriors playing a critical role in protecting vital information and network security.”

Here are some important rules to follow to practice cyber security:

- Utilize the proper classification level for correspondence to protect personally identifiable information and sensitive information, ensure there are no cross domain violations, and exercise good operations security for all communications, to include social media engagement (Facebook, Google+, Twitter, LinkedIn, Foursquare, etc.).
- Don't post sensitive work information or photographs (some include geo-locations) on the internet; always assume a threat adversary is reading your material. Additionally, be cognizant and careful about who you allow into your social network.
- Always secure your common access card and adhere to good ‘cyber hygiene’ so as not to fall prey to phishing scams or click on suspicious links that may activate malicious injects or lead to unintended sharing of personal info on fake websites.
- Be cognizant of social engineering tactics that try to take advantage of one of the weakest links, human behavior. Manage our network boundary by never connecting unauthorized devices.
- Manage password complexity on systems you engage with that don't require a public key infrastructure certificate. It's about managing the cross section of human behavior and technical controls to minimize and manage cyber risk via policies and technical guides.
- Be wary of open wireless networks, where hackers can use packet analysis to capture sensitive information such as passwords and banking information. Therefore, always connect via VPN if available to protect your information, or minimize use of open wireless networks.
			 
We all play vital roles as links in the proper defense of our networks and, more appropriately, as cyber warriors. Let us all be security conscious throughout the year and enhance our security posture across the spectrum of our operations.

By Asheesh Nikore, 335th Signal Command, U.S. Army
Provided through DVIDS
Copyright 2016

About the author: Mr. Asheesh Nikore works as a Cyber Security Professional (Information Assurance Manager) at the 335th Signal Command (Theater) in East Point, Georgia, in support of risk management and maintaining secure operations. As a citizen soldier, Capt. Asheesh Nikore is a 15-year veteran of the U.S. Army Reserve as a Signal officer and is currently a Cyber Defense Detachment Commander within the DISA Army Reserve Element, leading Defensive Cyber Operations. With a BS of Engineering at Georgia Tech, he holds his CISSP, CEH, ITILv4, Security and Network Plus certifications.
					