By Jill R. Aitoro
Federal agencies should prioritize their information security
requirements to ensure mission-critical operations are protected first,
and delineate between "that which is aggravating and that which is truly
dangerous," the Homeland Security Department's cyber chief Greg Schaffer
said during a conference on Tuesday.
Cyberattacks are growing far more sophisticated, in part because they're
more difficult to detect, said Schaffer, who was appointed assistant
secretary of DHS' Office of Cybersecurity and Communications in June.
Schaffer and Dave DeWalt, chief executive officer of security vendor
McAfee, spoke Tuesday morning at the GFirst conference in Atlanta hosted
by the department's U.S. Computer Emergency Readiness Team.
"The more sophisticated attacks ...are low and slow, designed to not
draw attention, but insidiously get at data and resources," Schaffer
said "Yet at the same time, the level of noise from less sophisticated
attacks continues to grow. This makes for an environment where it is
easy to focus on the wrong pieces of the puzzle while bad things happen
under the radar. We need to be vigilant and focused."
According to security vendor McAfee, there was a 500 percent increase in
2008 in the number of malware attacks that used hostile code to
infiltrate or damage a computer system -- equal to the combined total
for the five years prior, DeWalt said. In 80 percent of all malware
attacks, the motive is financial, with attackers trying to steal
identities and data for profit. The other 20 percent of attacks are
prompted by "religious reasons," such as political espionage or
Subscribe to InfoSec News