Are United States Security Programs at Risk of Breaches Themselves?

Repeating Hexadecimal BackgroundAs the technological age continues to expand, exceedingly more information is being stored digitally. Even though this allows for easier access and larger storage, the security risks involved are substantially more dangerous than previous methods of data storage.

Recently, America has come under fire on numerous occasions from cyber security breaches, with nearly a 680% increase in security breaches over the past six years. According to Naked Security, a new strategy was unveiled by the White House focusing on modernizing the United States government’s cyber security.

Last year, the U.S. Senate Report found the government’s digital security to be shockingly bad. Even the computer network for Department of Homeland Security, an agency that handles significant cyber security responsibilities, was found to have “hundreds of vulnerabilities” due to out-of-date software.

During that year there were breaches at multiple government institutions, including the U.S. Postal Service, the IRS, and the White House. Low-skilled hacktivists, self-described as teen stoners, even hacked into the director of the CIA’s unclassified personal email account.

In June 2015, the most extensive and most devastating breach in U.S. government history compromised the private information of more than 20 million current and former U.S. government employees. The attack was blamed on America’s strongest cyber-adversary, China.

After a mega-breach at the Office of Personnel Management (OPM), the White House launched a 30-day “cyber security sprint” in order to identify and resolve security holes.

The Cyber Security Strategy Implementation Plan, instituted this week, focuses on five key components: the protection of high-value assets and data, quick response to attacks, rapid recovery and adoption of “lessons learned,” recruitment and retention of cyber security professionals, and efficient acquisition and deployment of new technology.

One recent event that reinforced the importance of having an effective cyber security strategy occurred at seven different U.S. firms. The South China Morning Press reports that the day after Washington and Beijing agreed not to spy on each other for commercial reasons, the security firm CrowdStrike found that software at five U.S. technology and two pharmaceutical companies detected attacks.

The “primary benefits of the intrusion seem clearly aligned to facilitate theft of intellectual property and trade secrets, rather than to conduct traditional, national-security-related intelligence collection,” the company said.

The CrowdStrike co-founder Dmitri Alperovitch said they believe the hackers who attacked the companies were affiliated with the Chinese government. However, a spokeswoman from the Foreign Ministry stated that their government opposed any hacking or stealing of commercial secrets.

Leave a Reply

Your email address will not be published.