Page 24 - Cyber Warnings
P. 24
However, as we continue to move more and more of our businesses, critical infrastructure and
critical equipment onto the internet, we’ve become the biggest target in the world – for Russia,
China, Iran, North Korea and other nation states as well as cyber terrorists to target, at our
expense and the risk of human life.
Background – America’s Failure at Cyber Defense
Since the recent Pentagon breaches, the White House breach under the Obama administration
and the Office of Personnel Management breach (OPM) of over 21,000,000 personally
identifiable information (PII) records and even an Affordable Care Act partner, Anthem Blue
Cross Blue Shield, losing over 80,000,000 PII records to the Chinese and Russians, we know
something in Washington when it comes to Cybersecurity, is broken.
When Mrs. Clinton was able to setup a personal mail server to handle classified communications
with the Department of State and others, we know there is something very wrong in how our
government has handled Cybersecurity.
When the North Koreans were able to harm a commercial entity, Sony Pictures Entertainment,
on US soil, simply through remote, covert means, over the Internet, we know something is
broken in America’s Cybersecurity posture.
Allowing the use of Cyberspace to grow, unfettered, is important, however, we need to do so,
while keeping in mind that America is under attack, constantly. Here’s my common sense
recommendations to help fix our broken Cybersecurity Infrastructure for a safer America:
US GOVERNMENT PUBLIC-FACING EMAILS
What if all email communications in and out of US Government agencies must immediately be done
as text only, with no attachments or hyperlinks? What would that do to stop all the cyber espionage
data theft and data leakage?
While this may appear to be an initial inconvenience, no longer will the White House or OPM or
other agencies fall victim to well-crafted spear phishing attacks that harbor Remote Access Trojans
(RATs), designed to infiltrate, eavesdrop and steal information for other nation state cyber actors.
Over time, when a 100% secure email and hyperlink scrubbing system is in place, guaranteeing
that the attachments or links do not cause a breach in our national security, only then will these
public facing emails be allowed to become ‘rich text’ and HTML and exchange file attachments.
Until such time, the transfer of files will be done through means which guarantee the sender and the
recipient are sharing non-malicious URLs and attachments.
24 Cyber Warnings E-Magazine – January 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
