Priorities and the Pentagon

By Erin Ayers on April 9, 2015

A recent joint report by the Government Business Council and computer firm Dell proposed a process for affirmative attribution of cyber attacks, something that has been murky territory for the government and other targets of cybercriminals in recent years. Knowing the provenance of cyber events offers the chance to bring the right parties to justice, as well as the potential to guard against future attacks by informing cyber strategy.

“The Sony hack was also significant in highlighting the importance of attribution in responding to such cyber attacks,” pointed out GBC and Dell in their report. “The ability to identify perpetrators permits the U.S. to respond and goes a long way toward deterring further attacks. In fact, attribution is integral to the Department of Defense’s cyber strategy. But identifying the sources of cyber attacks also poses an immense challenge.”

GBC and Dell go on to add that the DoD needs the technical expertise, operation savvy and strategy to properly fight back against hackers. Unfortunately, another recent report suggests that the Pentagon isn’t quite up to the task yet, having failed over many years to upgrade their IP address handling protocols. Although I personally would have no idea how to follow the many technical diagrams in the report, I like to think that the federal government might have someone a bit more computer-driven than me on staff to have accomplished that over the last 10 years. I do appreciate the time and budget management problems they might have had, however, because I’ve been watching a lot of ABC’s Scandal lately and I’m fairly certain I’m now an expert on government.

According to Dell and GBC (and common sense, and attention to recent events, and scores of data on past ones), even the federal government can’t hope to halt the tide of cyber attacks, but merely to deter them and make them less successful. Knowing the source of attacks contributes to that success, per the study.

“Attributing a hostile cyber intrusion with a high degree of certainty forms the cornerstone of effective DoD cyber deterrence. Determining the source of an attack will always be a political and subjective decision, but the best evidence about culpability will almost always be found at the technical level,” stated Dell and GBC.

There are a few lessons that all organizations can take from the experience of the DoD. For one, prioritize technology upgrades like your company’s life depends on it. Because, for some, it probably does.

And while less political, being able to attribute attacks against private industry organizations can offer useful information toward preventing future events for other companies. If you as an organization know that a particular make of malware is targeting, oh, healthcare firms, for example, it helps put others on watch.

And a primary takeaway should be the fact that the days of sitting around on your cyber porch waiting for the inevitable digital invasion should be over. Every entity, from the Pentagon on down to the mom-and-pop local shop, should have a proactive approach to cybersecurity. The tools are available and accessible. They need only the cooperation of many to be brought to full potential.

erin.ayers@zywave.com

Erin is the managing editor of Advisen’s Front Page News. She has been covering property-casualty insurance since 2000. Previously, Erin served as editor-in-chief of The Standard, New England’s Insurance Weekly. Erin is based in Boston, Mass. Contact Erin at [email protected].