OPM Breach Shows Government Cybersecurity Remains ...

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

50%

Enrico Fontan,
User Rank: Strategist
6/5/2015 | 3:44:39 PM

EINSTEIN System to tune

Government says the breach has been discovered by EINSTEIN system.

If you look at the EINSTEIN system, it possible to see that it has been developed to detect cyber threats.
Looking at the system last evolution we can see that EINSTEIN 3 system adds an IPS to improve it's capabilities:
"The intrusion prevention capability (IPS) builds upon the previous versions by adding the ability to block and disable attempted intrusions before any harm is done."

I think the IPS feature has to be developed again.

EINSTEIN reference "Cross Agency Priority Goal: Cybersecurity FY2013 Q4 Status Update"

Reply | Post Message | Messages List | Start a Board

50%

kbannan100,
User Rank: Moderator
6/5/2015 | 11:58:29 AM

Being ahead of a breach

This just shows that even the most sophisticated and (you'd hope) solid security measures don't always work. You constantly have to be ahead of a breach and be looking for the unexpected.

bit.ly/1P0OVdV

--KB

Karen J. Bannan, commenting on behalf of IDG and FireEye.

Reply | Post Message | Messages List | Start a Board

100%

Paladium,
User Rank: Moderator
6/5/2015 | 10:23:57 AM

Work in progress....?

No, sadly, the excuse that cybersecurity is a work in progress is unacceptable.

"Here ya go Sir. Your car is good as new. Don't worry about the brakes. They are not hooked up yet. Just drive slow. The tires should be fine too. No worries. Just don't make any sharpe turns or they might fall off. We just couldn't get to putting the nuts on them yet. A stearing wheel you say? Here, use this long handled screwdriver to turn the stearing collum."

The single, most important fact everyone should take away from these Government breaches is that politics (petty kingdoms, lack of authority, onerous processes to remove a single screw..., etc.) *prevent* cybersecurity from being properly implemented. Cold, hard, undisputable fact.

Ask pretty much every single former (who chose to walk away) federal contractor providing cybersecurity services what the number one reason is.

Reply | Post Message | Messages List | Start a Board

Editors' Choice

US Formally Attributes SolarWinds Attack to Russian Intelligence Agency

Jai Vijayan, Contributing Writer, 4/15/2021

Dependency Problems Increase for Open Source Components

Robert Lemos, Contributing Writer, 4/14/2021

FBI Operation Remotely Removes Web Shells From Exchange Servers

Kelly Sheridan, Staff Editor, Dark Reading, 4/14/2021

Live Events

Webinars

Cybersecurity Risk Management FREE Event 4/22

Earn (ISC)2 CPEs at Interop Digital, April 29

More Informa Tech Live Events

White Papers

What Elite Threat Hunters See That Others Miss: Case Study

How to Optimize Your Windows 10 Defense Strategy

Top Threats to Cloud Computing: The Egregious 11

IDC Market Share: How the Network Is Used to Unmask the Adversary

Smart Service Management: Working Better Together with a Connected Enterprise

More White Papers

Cartoon

Post a Comment

Cartoon Archive

Current Issue

2021 Top Enterprise IT Trends

We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Battle for the Endpoint

How to build a new cyber strategy for 2021 and beyond.

Download Now!

How Enterprises are Developing Secure Applications

0 comments

Assessing Cybersecurity Risk in Today's Enterprises

0 comments

The Malware Threat Landscape

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2021-1074
PUBLISHED: 2021-04-21

NVIDIA Windows GPU Display Driver for Windows, R390 driver branch, contains a vulnerability in its installer where an attacker with local system access may replace an application resource with malicious files. Such an attack may lead to code execution, escalation of privileges, denial of service, or...

CVE-2021-1075
PUBLISHED: 2021-04-21

NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the program dereferences a pointer that contains a location for memory that is no longer valid, which may lead to code execution, denial of se...

CVE-2021-1076
PUBLISHED: 2021-04-21

NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys or nvidia.ko) where improper access control may lead to denial of service, information disclosure, or data corruption.

CVE-2021-1077
PUBLISHED: 2021-04-21

NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a vulnerability where the software uses a reference count to manage a resource that is incorrectly updated, which may lead to denial of service.

CVE-2021-1078
PUBLISHED: 2021-04-21

NVIDIA Windows GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel driver (nvlddmkm.sys) where a NULL pointer dereference may lead to system crash.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]