The private sector has stood in the spotlight of cyber security scrutiny and concern for a while now, with an endless stream of retailers and financial institutions falling victim to large-scale digital attacks. While breaches in the public arena have not eclipsed the scale of these enterprise incidents, the federal government still fends off millions of hack attempts on a daily basis. You must remain vigilant with strong end user policies and protective measures within your infrastructure to ensure the protection of vital employee information and agency assets in this hazardous digital landscape.
Attacks not forgotten
With corporate cyberattacks compromising billions of user credentials in the past five years, it's easy to forget that even the world's most secure networks - those that power IT operations at the federal level - are not exempt from jeopardy at the hands of evolving cybercriminal forces. An ABC Go article served as a reminder that while your digital assets may appear safe from harm, there are several recent examples proving that a breach can affect any corner of the digital arena. Here are three tales of federal cyber slip-ups that may have fallen from memory:
- The WikiLeaks scandal of November 2010 involved Army Pfc. Chelsea Manning, who downloaded over 700,000 secret military and State Department documents from a classified network to be published online. Using a CD and thumb drive to distribute files to the whistleblower network, Manning was eventually charged with six Espionage Act violations.
- July 2014 saw the indictment of Lauri Love, a British hacker who infiltrated database resources at the U.S. Energy and Health and Human Services departments and the FBI's Regional Computer Forensics Laboratory, among others. He is thought to have stolen a wealth of confidential information relating to government operations and employee credentials.
Just last month, a cyberattack believed to have originated from Russia targeted networks at the White House. While the breach was contained early on and no critical data was jeopardized, the incident proved that even the most well-defended outpost of America's federal government is vulnerable to infiltration from malicious foreign organizations
While the United States Postal Service may not be responsible for safeguarding highly confidential materials such as those protected by Homeland Security or the Defense Department, it must still combat intrusive efforts from cybercriminals after its financial and employee records. According to the Christian Science Monitor, the organization recently found itself in crisis mode as an external attack led to the exposure of over 800,000 personal credentials held within its networks.
"It is an unfortunate fact of life these days that every organization connected to the Internet is a constant target for cyber intrusion activity," said Postmaster General Patrick Donahoe in a statement. "The United States Postal Service is no different. Fortunately, we have seen no evidence of malicious use of the compromised data and we are taking steps to help our employees protect against any potential misuse of their data."
The attack, which reportedly began in January and wasn't fully controlled until August, reiterates the harsh truth once again: Cyber security is an ongoing battle that must be fought on all fronts.