The high-tech industry continues to create and innovate in the field of data communications and also data privacy and protection. There are billions of dollars spent on the research and development of new products and taking them to market. Then the private sector sells products to private customers, as well as government organisations, that can benefit from those products and services. The problem? The criminal sector seems to be creating malware at a faster pace than the private sector is developing defences.
Is that really the way it is going? Well, the answer may be the proverbial ‘yes and no’. In support of the argument that government is following, not leading, we have a United States GAO report that chides the Department of Homeland Security for being lax on creating and classifying critical cyber defence positions. The idea passed into law by the Senate in 2014, was designed to ensure that government organisations had the necessary tools in place to secure agency systems and to pass that information to the private sector as well. The GAO gave the DHS a 79% success rate for that task. This leaves many gaps and vacancies still open four years after the law was passed.
While a little slow with the execution, the good news is that DHS has now committed to acting on the GAO recommendations and boost its performance by June 2018. This will allow other government organisations, as well as private industry, to take advantage of this “template” for developing strong cyber defences.
In the meantime, however, hacks continue. A most recent surveillance phishing attack that originated from Beirut compromised Android phones in North America and Europe by sending links to a website that was controlled by the hackers, a group called Dark Caracal. The links contained surveillance malware that could steal data, take photos and spy on communication apps. This was not a sophisticated hack and the cover was blown by the hackers leaving cyber clues that allowed the malware to be traced to the Beirut group.
In the United States, thirteen Russian operatives have been indicted for attempting to influence the democratic election of a sovereign nation. The Russian plan was to use Bots and fraudulent social media identities to favour their preferred candidate over the other. The point here is that cybersecurity is not only to stop theft or infrastructure damage but also to defend against a foreign attack against a nation’s ideals as well.
Now let’s shift gears from an attitude of, “we know we have a problem and we are getting around to it,” to “we have a plan and are putting it into action.” The British government, according to a February report from the NCSC, has a plan to actively defend the U.K. against high-volume commodity cyber-attacks. The National Cyber Security Centre’s Active Cyber Defence Program plans to actively test and utilise cyber protection measures that it will propose to all government and private organisations. The plan is to prove the worth of various cybersecurity programs on in-house systems then report successful results for use by others.
As a result of this program, the U.K. has been able to reduce the number of phishing sites hosted in the U.K. by enlisting the cooperation of the hosting providers to take down the malicious operations. This sounds obvious but has been successful in cutting the U.K.’s share of hosted phishing sites almost in half.
Other cybersecurity initiatives being implemented by the U.K. program include using technology to cut down spoofed gov.uk addresses, a Web Check service the tests public sector websites for security issues, a public-sector DNS service that checks and blocks known malicious domains and other technologies to make spoofing more difficult. These services are deployed and proved on government systems, and then delivered in the form of guidance to the private sector.
This is a great example of a government actively taking the lead on protecting its citizens and organisations from cyber-attacks. The tech giants are also working in cooperation with governments and private organisations to help combat this growing problem.
Siemens, Airbus, Allianz, Daimler, NXP, SGS, T-Mobile and the Munich Security Conference outlined a new effort called Charter of Trust. T