What the Department of Homeland Security is doing for cybersecurity

In this article, we will take a look at what the Department of Homeland Security is doing for cybersecurity. As with critical infrastructure protection, national responsibility for cybersecurity was an original mission assigned to the Department of Homeland Security by the 2002 Homeland Security Act.

Cybersecurity remains a priority DHS mission, as identified in the 2014 Quadrennial Homeland Security Review. Also, as mentioned, cybersecurity goes hand in hand with critical infrastructure protection because, one, cyberspace provides an avenue for attacking critical infrastructure from anywhere in the world; two, cyber components make critical infrastructure susceptible to subversion, disruption, or destruction; and three, cyberspace itself is a critical infrastructure on which many other critical infrastructures depend.

According to the US National Research Council, a cyber attack is any deliberate action to alter, disrupt, deceive, degrade, or destroy computer systems or networks, or the information and/or programs resident in or transiting these systems or networks.

The 1984 Counterfeit Access Device and Computer Fraud and Abuse Act, Title 18, Section 1030, United States Code, prohibits unauthorized access to computers used by the federal government, banks, and otherwise used for interstate or international commerce. Due to the interstate nature of the internet, the law is interpreted to mean nearly all computers and cell phones.

A 1986 amendment made it a further crime to distribute malicious code, traffic in passwords, or conduct denial-of-service attacks. According to a 2014 report by the Center for Strategic and International Studies, the two most common methods of attack are social engineering and vulnerability exploitation. Social engineering is where an attacker tricks a user into granting unauthorized access to a system.

Vulnerability exploitation is where an attacker takes advantage of a programming or implementation failure to gain unauthorized access. The DHS glossary of common cybersecurity terminology says that cybersecurity is the activity or process, ability or capability, or state whereby information and communication systems, and the information contained therein, are protected and/or defended against damage, unauthorized use or modification, or exploitation. In concept, cybersecurity is very simple. All you have to do is ensure the confidentiality, integrity, and availability of the computer and its data. Confidentiality ensures that the system and data are not accessed by an unauthorized agent. Integrity ensures that the system and data are not corrupted by an unauthorized agent.

Availability ensures that the system and data are always accessible when needed. These seemingly simple goals, however, are very difficult to attain because computers are inherently stupid and fragile. Computers are stupid because, unlike humans, they are incapable of making value judgements regarding their actions and will perform as directed regardless of the outcome, even if the consequences are catastrophic. Computers are also fragile. A single wrong character can disrupt millions of lines of code. Finding such flaws is impossible. Even a small 100-line program with some nested paths and a single loop may contain 100 trillion paths. Assuming each path could be evaluated in a millisecond, that’s 1,000 paths tested every second, and it would take 3,170 years to test all possible paths through the code.

The Android operating system for mobile devices has 12 million lines of code. The bottom line is that with any useful piece of software, you don’t know what you’ve got and there’s no way of finding out. Vulnerabilities abound, and there are malicious agents willing to find and exploit them. In the case of social engineering, your security is only as strong as the weakest member of your team. In other words, there is no absolute security, only continual vigilance.

That is where the Department of Homeland Security comes into play. The same National Protection and Programs Directorate that is home to the Office of Infrastructure Protection is also home to the Office of Cybersecurity and Communications. Just as the Office of Infrastructure Protection stands watch over critical infrastructure from the National Infrastructure Coordinating Center (NICC), the Office of Cybersecurity and Communications stands watch against cyber attack from its own center, the National Cybersecurity and Communications Integration Center (NCCIC). Just like the NICC, the NCCIC is a 24-hour operations center, ready to coordinate a national cyber incident response.

Among its assets, the NCCIC can call upon the US-CERT and the ICS-CERT. The US Computer Emergency Readiness Team at Carnegie Mellon University, Pennsylvania, works with product developers to remove security vulnerabilities in their software and provides a clearinghouse for gathering threat data and disseminating alerts and countermeasures.

The Industrial Control Systems Cyber Emergency Response Team performs similar functions to the US-CERT for industrial control systems, but also has ready an emergency response team that can deploy upon request to help resolve a specific cyber incident. In truth, response assets are few, and their ability to contain and resolve problems is limited.

That is why today the first and last line of cyber defense rests with system owners and operators. They are the best positioned, in proximity and understanding, to most quickly spot trouble and to isolate and resolve problems when found. Until there is a cure for cyber attack, the best treatment is a regimen of configuring, patching, monitoring, and sharing.


Let us review the main points of this article.

1. Cybersecurity and critical infrastructure protection are intimately related.

2. Cyber attack is a federal crime according to Title 18, Section 1030, United States Code, called the 1984 Counterfeit Access Device and Computer Fraud and Abuse Act.

3. According to a 2014 study, social engineering and vulnerability exploitation are the two most common methods of cyber attack.

4. Cybersecurity is a matter of ensuring the confidentiality, integrity, and availability of a computer system and its data.

5. Cybersecurity is easier said than done because all software is vulnerable, and security is only as strong as your weakest user.

6. The DHS National Cybersecurity and Communications Integration Center, the NCCIC, maintains a 24-hour watch for cyber attack.

7. The US-CERT works with program developers to fix identified security vulnerabilities and provides a clearinghouse for threat reporting and countermeasure distribution.

8. The ICS-CERT does the same thing for industrial control systems and can also deploy a team to provide onsite support in response to a specific cyber attack.

9. DHS cyber response assets are few, and their ability to contain and resolve problems is limited.

10. The first and last line of cyber defense rests with system owners and operators.

11. Until a cure can be found, the best cybersecurity regimen is to configure, patch, monitor, and share.

 
