The Federal Government and Cybersecurity Risks
Infiltrating government data is highly treacherous and illegal. Cybercriminals may steal government files, share and disclose private information, and disrupt politics to disunify the country. The Cybersecurity and Infrastructure Security Agency, under the United States Department of Homeland Security, defends the government against cyber threats.
However, much of the U.S. government tends to have a reactive approach to data management and security. Since data supports government work, cybersecurity risks are high.
What Are the Challenges the Federal Government Faces with Cybersecurity?
One of the main sources of cyberattacks is the widespread adoption of Internet of Things devices (IoT). IoT can underpin government business objectives, promote technology, deliver services to citizens, and can assist administrators.
However, the implementation of IoT technologies can present security risks. IoT procurement and assimilation lead to risks when security is not taken into account. A publication from the National Institute of Standards and Technology (NIST) establishes a benchmark for government organizations that have merged existing technology systems with IoT. It identifies a need for security by acknowledging the “increasing scale, heterogeneity, and pace of IoT deployment."
Additionally, the government has distinct cyber challenges:
- Considering the diversity of the US population, it’s massive compared to other corporations. It’s also harder to secure based on the government's complexity.
- Over the decades, the growing introduction and application of technology were initially unsystematic and chaotic. This produced technology infrastructure without sound security to match this escalation.
- Archaic government legacy tech systems lead to risks as more cyber vulnerabilities are present.
The Washington Post explores this further in an analysis announcing the new order of government cybersecurity monitoring. It’s a pivotal resolution that can authorize broad safety measures across U.S. government technology systems. We discuss the types of action the government is taking to enforce cybersecurity later on.
It’s significant to note that the approach to cybersecurity hasn’t been methodical or infallible. Until the push for controlled and streamlined cybersecurity, there was no comprehensive standard.
How Do Cyberattacks Affect the US Government?
Data within government can be at risk. IoT devices collect copious amounts of data, some confidential. Three types of data from NIST can indicate why the government is a target for hackers:
- Personal Data - Government technology has access to private information on individuals across the nation. IoT devices have the ability to “sense or collect data of, from, or about people, which can constitute personal data and represent privacy sensitive data.”
- Confidential Organizational/Federal Government Data - IoT devices create and supply classified information for device prototypes, organization-restricted test results, and analysis materials. Breaching this data can disclose and subvert sensitive data the government keeps.
- Environmental Data - As with people, the government has privileged information on the physical environment. If wrongly exploited, it could cause corruption.
Five Examples of Cybersecurity Violations
- January 2022: The Ragnar Locker ransomware group breached ten different sectors, including the government industry. The attack involved 52 critical infrastructure entities. Due to the ongoing Russian invasion of Ukraine, the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) urge organizations to patch against 95 common security weaknesses Russian threat actors employ.
- March 2022: Between 2012 and 2018 four Russian government employees participated in hacking campaigns to install backdoors and deploy malware in operational technology (OT). It affected critical infrastructure companies primarily in the energy sector. These criminals were later charged by the U.S. Department of Justice.
- March 2022: An espionage operation occurred when hackers in connection with the Chinese government invaded six U.S. state agency networks. Vulnerabilities within government technology made the penetration possible.
- July 2021: Over 100,000 Microsoft Exchange servers suffered a global hack at the beginning of the year. The European Union, NATO, and the U.S. issued statements inculpating the Chinese government for the outbreak of cyberattacks. China became the culprit of a series of significant cyber incidents.
- December 2020: There were claims that cyberspies working for Russia interfered with the U.S. Treasury and Commerce department’s internal email traffic from SolarWinds updates. Government customers from the executive branch, intelligence services, and the military use SolarWinds for technology. Hackers deployed a “supply chain attack” trick hiding “malicious code in the body of legitimate software updates provided to targets by third parties.”
What Action is Government Taking to Enforce Cybersecurity?
As mentioned above, The Washington Post detailed the unprecedented solution for monitoring tools. The Cybersecurity and Infrastructure Security Agency (CISA) will carry out this plan. It's brought on by the repeated government subjection to “the world’s most sophisticated hackers backed by Moscow and Beijing."
Endpoint Detection and Response (EDR) is a tool to detect “hacking threats on computers and servers at 15 federal agencies.” CISA is installing these tools at 11 other agencies. As part of President Biden’s order for CISA to continue this plan, they will install EDR at 53 agencies by September. This is “slightly over one-half of all federal government agencies.”
In addition, the bipartisan Internet of Things Cybersecurity Improvement Act of 2020 became federally recognized. The act mandated IoT devices comply with NIST security guidelines. However, it’s exclusive to devices owned and operated by the federal government. There remains “no universal standards” for cybersecurity in government.
How Can the Federal Government Protect Against Cyberattacks?
The NIST Special Publication for Establishing IoT Device Cybersecurity Requirements investigates the known government cybersecurity and privacy vulnerabilities. By determining known vulnerabilities, there can be proactiveness and prevention.
Cyberattacks may happen with the most secure cybersecurity. When cyberattacks take place, “organizations [must] identify and address risks introduced…through other means.”
As hackers breach critical government infrastructure and data with advanced technology, there is a push for cybersecurity to countervail.
The White House recommends backing up data and ensuring there are “offline backups beyond the reach of malicious actors.” They also encourage running exercises and drilling “emergency plans” for quick response preparation “to minimize the impact of any attack.”
Security is central to software design at Macrium. Our applications give you complete control over where your data is stored and will operate fully offline for the most secure, air-tight networks.
Macrium Software is skilled at image backups that assure users of full coverage when cybersecurity is at-risk. Government data should not be left up to chance. When it comes to protecting personal and federal information, choosing reputable software backup is consequential.
We have solutions to fit various government needs and concerns. Check out our website to learn about installing effective backups to prevent data loss at Macrium.com.
Author: Hailee Claycomb