Mounting cyberattacks have motivated the federal government to launch a $10 billion dollar project to secure sensitive data, but federal contractors and employees continue to undermine the efforts, The Washington Post reports.
The project as a whole has been unable to keep up with the sophistication of hackers. And from inside the federal government, the employees who have accidentally aided attackers come mostly from the Departments of Defense, Education, and about 10 other agencies. These workers are easily duped into sharing information with hackers through falling prey to phishing emails and visiting websites full of malware.
However, significant improvement can be made on the employee side. An incredible 21 percent of government breaches could be traced back to security indiscretions committed by federal employees. Some attacks came in the form of Amazon orders, in an attempt to trick employees to click on the link, and a Government Accountability Office report earlier in June found that employees are often not given the security training they desperately need.
“No matter what we do with the technology … we’ll always be vulnerable to the phishing attack and … human-factor attacks unless we educate the overall workforce,” said Eric Rosenbach, Assistant Secretary of Defense for Homeland Defense and Global Security.
According to intelligence officials, cybersecurity is now the number one threat facing the United States, beating terrorism for the first slot.
“There’s also a much bigger allure to use these skills to make money, in a criminal sense,” said Marc Maiffret, former hacker and co-founder of the cybersecurity firm Beyond Trust.
Concern has been building since the 1960s and continuing through the Cold War, but 2006 was the beginning of a new era of escalating attacks, with 87 million sensitive records stolen from federal government networks alone. The information on breaches was compiled by the Privacy Rights Clearinghouse, which tracks every time a government hack is reported. It turns out that during the same period of time, the private sector performed even more poorly. Retail businesses lost 255 million records, and financial institutions lost 212 million records.
In 2013 alone, the U.S. Computer Emergency Readiness Team (US-CERT) had to respond to 228,700 cyberattacks from crucial enterprises in the U.S., involving government systems, and private sector systems which run nuclear technology, dams, power plants, and transportation systems.
“It’s a much bigger challenge than anyone could have imagined 20 years ago,” said Phyllis Schneck, deputy undersecretary for cybersecurity at the Department of Homeland Security.
Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact firstname.lastname@example.org.
The opinions expressed by columnists are their own and do not necessarily represent the views of Barb Wire.