Christopher Krebs, director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, is on the alert about cyber-attacks, especially those coming from Iran, Ars Technica reports.
His push for stronger cybersecurity and awareness follows a recent string of spear-phishing attacks tied to infrastructure associated with APT33, an organization tied to the Iranian government and Iranian Revolutionary Guard Corps. Krebs said these recent actions are efforts to check for network vulnerabilities, rather than full-fledged attacks on specific targets. No “malicious payloads” have been seen so far, but an increase in this sort of activity can lead to more harmful attacks, including data deletion attacks, wiper attacks, or classic ransomware, Krebs told Ars Technica.
However, the more exploring hackers are able to do on a network, the closer they are to developing “their capabilities” to go in for a cyber-kill with greater consequences, Krebs said.
The Biggest Targets, and How to Protect Them:
According to Krebs, some of the biggest targets of these probes are found within the U.S.’s government structure. “That’s where I think we’ve got a lot to do—work in the federal government, to state, local governments, and work in Congress,” he told Ars Technica.
The key to keeping networks and sensitive information safe, Krebs says, is investing in people. Creating cybersecurity roles and weaving them into organizational structures will ensure networks are covered. “It starts with [cybersecurity] advisors reaching out to state and local governments,” Krebs told Ars Technica. “What I would like to see is one of my cyber security advisors [CSAs] in every state capital, someone who maintains a direct relationship with state governments but also works with jurisdictions, whether that’s city or county. Now we’ve got only about two dozen [CSAs], but they have to focus on private sector, not just state and local government.”
For example, groups like CISA, which was created last year to protect domestic cybersecurity and critical infrastructure security activities, are working to keep governmental information safe, including information involved with elections. Election security is something that needs additional manpower, especially with presidential elections taking place next year, Ars Technica says.