Federal networks and systems today are under unrelenting attack by persistent, sophisticated and resourceful adversaries who operate on behalf of nation states or criminal groups with the aim of stealing sensitive data, causing harm or exploiting federal and military systems. Furthermore, the problem is worsening: the Government Accountability Office reported that cyber incidents affecting federal systems spiked from 5,503 in 2006 to 67,168 in 2014 — an incredible 1,121% increase.
Many of these incidents are likely from advanced persistent threats, or APTs. This category of cyberthreat is particularly difficult to detect and protect against for several reasons. For one thing, APTs are tailored to penetrate specific targeted networks or organizations. For example, an attacker may insert malicious code via an email customized to a specific person with access to a targeted network. The email will be designed to appear to come from a friend, relative or colleague so as to gain that person’s trust and lead them to disclose a password or open a malicious attachment. Or an attacker may rely on other sophisticated means, sometimes employing so-called “zero day” tactics, which exploit vulnerabilities in software or hardware that are not publicly known.
This Industry Perspective will assess these challenges and offer insights into how existing solutions and technologies can help agencies address them effectively.