Cyber Threats Growing, Officials Tell Homeland Security Subcommittees --- 05/21/2014 During the first seven months of Fiscal Year 2014, the Department of Homeland Security’s (DHS) National Cybersecurity & Communications Integration Center (NCCIC) received 31,593 reports of incidents, detected over 28,000 vulnerabilities, issued more than 4,000 actionable cyber-alerts and had over 252,523 partners subscribe to its cyber threat warning sharing initiative, Larry Zelvin, director of DHS’s National Cybersecurity and Communications Integration Center, told congressional panels Wednesday. NCCIC is an around the clock cyber situational awareness and incident response and management center that serves as a centralized location where operational elements involved in cybersecurity and communications reliance coordinate and integrate cyber security efforts. Joseph Demarest, assistant director of the FBI’s Cyber Division, added that, “The impact of botnets has been significant. Botnets have caused over $113 billion in losses globally, with approximately 378 million computers infected each year, equaling more than one million victims per day, translating to 12 victims per second. Demarest told the joint hearing of the House Committee on Homeland Security’s Subcommittee on Counterterrorism and Intelligence and the Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies that, “the frequency and impact of cyber attacks on our nation’s private sector and government networks have increased dramatically in the past decade and are expected to continue to grow.” Demarest said, “The United States faces cyber threats from state-sponsored hackers, hackers for hire, global cyber syndicates and terrorists [who] seek our state secrets, our trade secrets, our technology, our personal and financial information and our ideas, all of which are of incredible value to all of us.” They may even seek “to strike our critical infrastructure and our economy,” he said. “Given the scope of the cyber threat,” Demarest told the subcommittees, “agencies across the federal government are making cyber security a top priority. Within the FBI, we are prioritizing high-level intrusions -- the biggest and most dangerous botnets, state-sponsored hackers and global cyber syndicates. We want to predict and prevent attacks, rather than simply react after the fact.” Continuing, Demarest said, “The need to prevent attacks is a key reason the FBI has redoubled our efforts to strengthen our cyber capabilities while protecting privacy, confidentiality and civil liberties. The FBI’s Next Generation Cyber Initiative, which we launched in 2012, entails a wide range of measures, including focusing the FBI Cyber Division on intrusions into computers and networks, as opposed to crimes committed with a computer as a modality. The Cyber Division established Cyber Task Forces in each of our 56 field offices to conduct cyber intrusion investigations and respond to significant cyber incidents. The Cyber Division has also hired additional computer scientists to assist with technical investigations in the field and expanded partnerships to enhance collaboration with the National Cyber Investigative Joint Task Force (NCIJTF).” “Cyber intrusions into critical infrastructure and government networks are serious and sophisticated threats,” Zelvin said. “The complexity of emerging threat capabilities, the inextricable link between the physical and cyber domains, and the diversity of cyber actors present challenges to DHS and all of our customers. Because the private sector owns and operates a significant percentage of the nation’s critical infrastructure, information sharing becomes especially critical between the public and private sectors.” Zelvin offered an insider’s look at DHS’s response to the notorious “Heartbleed” vulnerability. Heartbleed is a weakness in the widely-used OpenSSL encryption software that protects the electronic traffic across two-thirds of the Internet and in many electronic devices. “Although new computer bugs and malware crop up almost daily, this vulnerability is unusual in how widespread it is, the potentially damaging information it allows malicious actors to obtain and the length of time before it was discovered,” Zelvin said. Zelvin said NCCIC learned of the of the Heartbleed vulnerability on April 7, and in less than 24 hours had “released alert and mitigation information on the US-CERT website. In close coordination with the Departments of Defense and Justice, as well as private sector partners, the NCCIC then created a number of compromise detection signatures for the EINSTEIN system that were also shared with additional critical infrastructure partners.” EINSTEIN is a component of the National Cybersecurity Protection System. Zelvin said DHS immediately began to work “with civilian agencies to scan their .gov websites and networks for Heartbleed vulnerabilities, and provided technical assistance for issues of concern identified through this process. The NCCIC and its components also began a highly active outreach to cyber researchers, critical infrastructure owners, operators, and vendors, federal and SLTT entities, and international partners to discuss measures to mitigate the vulnerability and determine if there had been active exploits.” “Once in place,” Zelvin said, “DHS began notifying agencies that EINSTEIN signatures had detected possible activity, and immediately provided mitigation guidance and technical assistance.”
Posted on: Fri, 23 May 2014 17:01:24 +0000
Trending Topics
Recently Viewed Topics
© 2015