by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : December 2012
24 December 2012 FCW.COM Cyberspace was more dangerous than ever in 2012. With the emergence of highly sophisticated attacks, adversaries were pilfering information and generally wreaking havoc on the digital infrastructure. The cyber battle eld became a reality, and federal agencies stepped up their efforts to ght an invisible enemy. FCW asked a variety of experts how 2012 will be remembered in the history of cybersecurity --- and what those developments might mean for federal agencies in the years to come. A CHANGE IN ATTACKERS' BATTLE PLANS 1. 2. HEIGHTENED AWARENESS OF ATTACKS 2012: The year in cybe From 2006 to 2011, federal agencies experienced a 680 percent spike in cyberattacks. There are a growing variety of assault methods, but coordinated and high- precision attacks on infrastructure in particular increased in 2012, said Keith Rhodes, chief technology of cer in Qin- etiQ North America's Services and Solu- tions Group. He cited the Stuxnet worm as an example of particularly complex malware that targeted and knocked out individual pieces of equipment.That code, generally believed to be the work of the U.S. and Israeli governments, is a preview of how attacks will likely evolve. Attackers "basically got it down to the part number --- this manufacturer, this piece of equipment, this part number, " he said. "It's not the usual, 'I'm going to go against a router or a switch.' They're going after programmable logic control- lers, the infrastructure pieces. " The main purpose of such attacks is to interrupt whatever activity the target- ed device is used for, said Rhodes, who served as the Government Account- ability Of ce's rst chief technologist. By contrast, previous attacks simply shut down the entire production. "It's a more sophisticated approach to a rather on/off brute-force approach, and that means... an adversary is trying to be more subtle, " he said. All that activity means agencies are more aware of their vulnerabilities, and they are taking action, said Neville Pattinson, vice president for government affairs, standards and business development at Gemalto. Many agencies are using smart cards for physical access, but they should also be using them to grant access to digital resources, he said. A major milestone in cybersecurity was when the Defense Department banned the use of user names and passwords. Now employees use Common Access Cards to log onto computers. Overnight, more than 46 percent of cyberattacks at DOD were eliminated, Pattinson said. "I think 2013 and 2014 are going to see a strong case in all federal agen- cies to follow the lead of DOD and enforce the use of the smart cards for logical access, " he said. 2012 also characterized "the mask falling off what I would refer to as the invisible cyber war, " said Jamie Barnett, senior vice president of national security policy at the Potomac Institute for Policy Studies. "It's clear that there is an invisible war going on, both offensive and defensive, such as espionage missions and reactive measures as well, " he said. With the onslaught of attacks on the banking industry came the realization that government and industry need stronger collaboration, said Barnett, who previously served as chief of the Federal W. Hord Tipton, executive director of (ISC)2 and former CIO at the Interior Department, agreed. "Now we see much more focused attacks with targets that are much more de ned, and that makes them more stealthy, " he said. "When you're scanning networks and looking around for vulnerabilities, you're just banging on all the doors, and it makes it easier for our defensive teams to gure out where attacks are coming from. But now if attackers can't nd a vulnerabil- ity, they stay hidden and keep looking behind the scenes to nd a way in. "
November 30, 2012