01:57 PM

Federal Cyber Attacks Rose 39% In 2010

While total incidents reported to US-CERT were down, government networks experienced more attacks than in 2009, according to a Congressional report.

10 Massive Security Breaches
(click image for larger view)
Slideshow: 10 Massive Security Breaches
Cyber attacks on the federal government increased in 2010 over the previous year, even though the total number of cybersecurity incidents was down overall, according to a new report from the Office of Management and Budget (OMB).

There were 41,776 reported cyber incidents of malicious intent in the federal network in 2010 out of a total 107,439 reported to the United States Computer Emergency Readiness Team (US-CERT), according to the OMB's fiscal year 2010 report on federal implementation of the Federal Information Security Management Act (FISMA). The number represented a 39% increase over 2009, when 30,000 incidents were reported by the feds, of 108,710 attacks overall, according to the report.

In terms of types of attacks, phishing remained the top threat plaguing federal networks, although numbers were down slightly year over year. In 2010 the feds reported 56,579 phishing attacks, or 52.7% of the total number of incidents. In 2009, they reported 70,132 phishing attacks, or 64.5% of that year's total.

Attacks by Trojans, viruses, worms, and logic bombs were up slightly year over year, however, with 11,001 reports of such attacks, or 10.2% of the total number in 2010. In 2009, there were 8,779 reports of such attacks on federal networks, or 8.1% of the total number of incidents.

The fiscal year 2010 FISMA report is the most comprehensive to date about the state of cybersecurity among agencies and the progress being made in this area. FISMA is a National Institute of Standards and Technology (NIST) security standard for cybersecurity and provides oversight for how agencies are handling this issue.

Federal officials like U.S. CIO Vivek Kundra so far have been vague about how much federal investment is going toward cybersecurity and where the feds are spending the money, but the 2010 report has some solid figures and data and where cybersecurity investment goes.

The federal government spent about $12 billion on IT security, or about 15% of the approximately $80 billion annual federal IT budget, according to the report. Personnel took up a good chunk of those costs, including salaries and benefits of government employees and the cost of paying contractors. Non-defense agencies spent 74% of their IT security costs on personnel-related activities, according to the report.

The report also shows the progress agencies are making in terms of implementing FISMA, depicting a scenario in which this activity has gone from an afterthought to a priority for which agencies are changing their policies.

It used to be that the data security professionals needed to analyze to better protect agency system was not available until after it would be useful, according to the OMB. However, agencies have developed new methods to protect their systems "to move FISMA implementation toward the real-time detection and mitigation of security vulnerabilities," according to the report.

The White House Cybersecurity Coordinator and the Department of Homeland Security (DHS) have been working together with agencies via two initiatives -- Trusted Internet Connection and Einstein -- to develop better insight into threats, according to the OMB.

Moreover in fiscal year 2010, agencies started reporting detailed security metrics through Cyberscope, a Federal system aimed at obtaining an accurate picture of agencies' security practices.

The next phase of this work will be the introduction in fiscal year 2011 of what's called the CyberStat management model across the federal government, according to the report. Through this, agency leaders will meet to examine security metrics reports from Cyberscope to develop plans to address cybersecuity issues revealed in that data.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Current Issue
E-Commerce Security: What Every Enterprise Needs to Know
The mainstream use of EMV smartcards in the US has experts predicting an increase in online fraud. Organizations will need to look at new tools and processes for building better breach detection and response capabilities.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio