Risk
9/20/2011
05:07 PM
50%
50%

Federal IT Top Worries: Complex Attacks, Inside Threats

Government IT professionals also say that long waits for approvals are hindering their ability to secure networks, according to a new study.

What's worrying federal IT professionals most? The increased sophistication of cyber attacks and insider threats top the list of cyber security concerns, according to a new study. Federal IT teams also continue to struggle with budget cuts and long waits for supervisor approval in their attempts to secure their networks, the study finds.

71% of those who responded to a new federal cyber security study listed the increased sophistication of attacks as the top security risk that they expect to face in the next 12 months. Negligent use of information by internal personnel was a risk cited by 63% of respondents. Cisco System sponsored the study, which was conducted by Market Connections and surveyed 200 federal IT decision makers.

Increased use of social media also is troubling more than a majority of respondents, with 63% citing it as a top concern for the next year. Federal agencies increasingly are using social media to engage with the public, even though they have worries about security and privacy risks.

One surprising result of the survey: Cloud computing ranked relatively low on the list of federal cyber security concerns, with only 35% of survey respondents citing it as a top risk for the next 12 months.

[ Pacific Northwest National Laboratory CIO Jerry Johnson takes you inside the cyber attack that he faced down--and shares his security lessons learned, in Anatomy of a Zero-Day Attack.]

Like social media, cloud computing's use among the feds is on the rise as part of efforts to increase efficiencies and reduce costs. Security has been a chief worry that in the past has impeded its use. However, other research also has found that federal IT officials slowly are warming to the security of the cloud, so signs seem to indicate that concerns about its risks are slackening.

While cybersecurity concerns vary, phishing continues to be the top threat federal agencies face, according to the survey, with nearly half of those surveyed saying that their department or agency has faced a phishing attack in the last 12 months.

This finding is in line with reports from the government’s own United States Computer Emergency Readiness Team (US-CERT), which logs reports of cyber attacks on federal networks. In its analysis of 2010 attacks, phishing remained the top threat.

Even as they take preventative measures to secure against these and other cybersecurity risks, federal IT professionals continue to face limitations to doing so. More than half (55%) said it takes too long to get approval from supervisors to put solutions in place to protect networks. Federal budget cuts also negatively affect cyber security goals, 53% reported. Adapting quickly to the evolving nature of threats also is a problem for federal agencies, 46% of respondents said.

Agencies also lack an effective process to respond to a cyber attack, according to 51% of those surveyed, while half of respondents said that they lack a clear picture of all of the activity on networks.

Join us for GovCloud 2011, a day-long event where IT professionals in federal, state, and local government will develop a deeper understanding of cloud options. Register now.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2208
Published: 2014-12-28
CRLF injection vulnerability in the LightProcess protocol implementation in hphp/util/light-process.cpp in Facebook HipHop Virtual Machine (HHVM) before 2.4.2 allows remote attackers to execute arbitrary commands by entering a \n (newline) character before the end of a string.

CVE-2014-2209
Published: 2014-12-28
Facebook HipHop Virtual Machine (HHVM) before 3.1.0 does not drop supplemental group memberships within hphp/util/capability.cpp and hphp/util/light-process.cpp, which allows remote attackers to bypass intended access restrictions by leveraging group permissions for a file or directory.

CVE-2014-5386
Published: 2014-12-28
The mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 does not seed the random number generator, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging the use of a single initial...

CVE-2014-6228
Published: 2014-12-28
Integer overflow in the string_chunk_split function in hphp/runtime/base/zend-string.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted arguments to the chunk_split ...

CVE-2014-6229
Published: 2014-12-28
The HashContext class in hphp/runtime/ext/ext_hash.cpp in Facebook HipHop Virtual Machine (HHVM) before 3.3.0 incorrectly expects that a certain key string uses '\0' for termination, which allows remote attackers to obtain sensitive information by leveraging read access beyond the end of the string,...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.