CybersecurityVirtually every agency of the U.S. government has been hacked: Experts

Published 12 September 2014

DHS’ National Cybersecurity and Communications Integration Center (NCCIC) has so far responded to more than 600,000 cyber incidents this fiscal year; has issued more than 10,000 alerts to recipients to help secure their systems; and in seventy-eight cases deployed DHS experts to provide technical assistance.Robert Anderson, the executive assistant director for the FBI’s Criminal, Cyber, Response, and Services branch, told lawmakers that virtually all agencies of the U.S. government have in some way been hacked.

The Obama administration has prioritized improving the nation’s cybersecurity defenses, but some of the U.S. top cybersecurity officials want the government to adopt better proactive measures against state-sponsored hackers or cyber terrorists who target both public and private sector network systems.

Earlier this week, the Senate Committee on Homeland Security and Governmental Affairs held a hearing with leading cybersecurity officials. Suzanne Spaulding, head of DHSNational Protection and Programs Directorate, told the committee that the department’s National Cybersecurity and Communications Integration Center (NCCIC) has so far responded to more than 600,000 cyber incidents this fiscal year; to which NCCIC has issued more than 10,000 alerts to recipients to help secure their systems; and in seventy-eight cases, deployed DHS experts to provide technical assistance.

NextGov report that while cyber hackers have targeted several firms such as Target, Home Depot, and critical infrastructure companies, government networks are also facing tremendous risk. Robert Anderson, the executive assistant director for the FBI’s Criminal, Cyber, Response, and Services branch, told the committee that virtually all agencies of the U.S. government have in some way been hacked, adding that those that have not reported cyberattacks are probably unaware of the incidents. “The bottom line is, we’re losing a lot of data, money and innovation” to adversaries in cyberspace, he said.

Anderson anticipates further collaboration between government cybersecurity teams and the private sector to stay ahead of cyber criminals. “We’re engaging in an unprecedented level of collaboration,” adding that relationships with industry, international law organizations, and trade groups should expand. To date, the FBI has issued at least forty near real-time alerts on “current and emerging threat trends and technical indicators,” to the private sector, with roughly 50 percent of those alerts sent to the financial industry.

I’m happy to see the FBI being aggressive on deterrence,” said Senator Tom Coburn (R-Oklahoma). “For so long, we thought building a higher wall was (the way to protect), but people are going to climb over any wall we have. We need prosecutorial deterrence. I’m thankful of that attitude from FBI both domestically and internationally.”

DHS applauds the increased information sharing between the private and public sector, but the department wants congressional action to require better cybersecurity for government and critical infrastructure firms. “Information sharing is only one element of what is needed,” Spaulding said. “We also need to update laws guiding federal agency network security; give law enforcement the tools needed to fight crime in the digital age; create a national data breach reporting requirement; and promote the adoption of cybersecurity best practices within critical infrastructure.”