By Jose Campos, Presidio of Monterey, Information Assurance Security Officer
May 20, 2010
PRESIDIO OF MONTEREY - For many, Information Assurance (IA) is a vague, high-level, broad-sounding topic that may evoke images or thoughts of an Information Technology (IT) specialist or technician scanning your system for viruses, installing some form of update or possibly restricting access to your favorite social media or game sites.
It may appear on the surface that these actions exist solely to prevent users from accessing something they want or to somehow slow the system or network access. In truth, IA has become a critical component of any organization's information systems management strategy, ensuring that the integrity, confidentiality and availability of data and systems are protected in support of the mission.
Threats to systems and data come in many forms, ranging from malware infecting a system, the loss of a laptop with sensitive information, and unauthorized privileged access by a disgruntled employee to a sophisticated cyber attack on critical systems by a malicious foreign source or cyber terrorist organization. Cyber attacks, according to experts, have become so sophisticated and serious that many governments have dedicated entire organizations, specializing full time in counter cyber intelligence, to combating this problem.
The number and criticality of government systems that would, if compromised, have the potential to cause loss of life or severe economic damage are already very large and growing. For this reason, would-be foreign cyber terrorists, according to experts, have focused many resources, both technical and economic, on trying to exploit vulnerabilities in Information and Communication Systems.
The ever-increasing number of sophisticated tools available for free download from the Internet means that broad technical expertise is no longer required to locate and exploit a vulnerable system. In the same manner that a conventional terrorist or malicious attack may be designed to cause physical harm to people or to severely damage or disrupt an economy or a nation, a foreign cyber attacker may achieve the same objectives by exploiting vulnerabilities in Government Information Systems.
Some of the vulnerabilities that may be exploited include: (1) Social Engineering attacks where a user is "tricked" into disclosing important personal or sensitive information such as passwords to a source that they believe to be legitimate, (2) Distributed Denial of Service (DDoS) attacks where a network is overwhelmed and basically paralyzed, and (3) malware, such as viruses, Trojans, and worms, designed with the intent to infiltrate, damage or destroy a system.
There have been several very public cases of foreign governments and financial systems being crippled by a series of large-scale, sophisticated cyber attacks, which have resulted in damages in the tens of millions of dollars, not to mention the human toll. Given the critical war-time mission of our DoD systems, preventing these types of scenarios is essential and requires comprehensive Information Assurance policies and practices by all involved, from the regular system user to the IA experts to the leadership.
It is critical that all involved remain vigilant against possible threats, maintain their Information Assurance and situational awareness at all times, practice Operational Security (OPSEC) techniques, and finally report any and all events and incidents that may seem suspicious to their Information Assurance team or local Military Intelligence (MI) unit.
While there is no "silver bullet" against these threats, a unified response can go a long way toward protecting our local, Army, and DoD Information Systems.