Nafeesa Syeed (Bloomberg) -- Cyber-criminals and terrorists are increasingly pursuing destructive attacks on U.S. government networks, and many federal agencies still fail to realize they’re an easy target, according to an executive at cybersecurity firm FireEye Inc.
FireEye has tracked an “uptrend’ from hackers attempting to break into both U.S. military and civilian systems in order to destroy data, according to Tony Cole, FireEye’s vice president and Global Government chief technology officer. The Milpitas, California-based company counts several U.S. agencies as its clients, including the State Department.
“The biggest concern today is more destructive attacks,” Cole said Thursday in an interview on the sidelines of a Washington cyber conference. While countries often target other governments in cyber espionage, “we’re starting to see more terrorists trying to garner more cyber capabilities in this space as well,’’ he added.
Even after the 2015 breach of the Office of Personnel Management, which compromised data on 21.5 million individuals and has been linked to Chinese hackers, “everyone hasn’t learned the lessons from that yet,’’ Cole said. “Many of the civilian organizations today haven’t woken up to that still.’’
Cole said he’s given input about a long-expected cybersecurity executive order to senior Trump administration officials, whom he declined to identify. He said he hopes the White House seeks input on the order from committees in Congress that have long worked with the private sector on cyber issues.
While several key cyber posts in the government haven’t been filled yet, Cole said he’s encouraged by the appointment of Rob Joyce, who led the National Security Agency’s Tailored Access Operations hacking group, to work on cyber issues at the National Security Council. Joyce has “operational experience” and “he can have a significant impact across the entire federal government in that role.”
Some agencies are improving their cybersecurity, but “even the organizations that are doing better than others still aren’t great at it,” Cole said. “Some are pretty decent, some are pretty good, but there’s still an enormous amount of effort that needs to take place.’’
Too many cyber compromises are happening on things agencies should have already fixed, giving hackers an easy way into networks through known security gaps that aren’t that advanced, Cole said.
“The problem the U.S. government has today is that they’re still having to push to get people to patch systems and actually update operating systems -- and they shouldn’t’’ have to do so, he said.
In the U.S., defense and intelligence agencies have stronger cyber defenses than civilian agencies, which often store sensitive personal information.
“One of the bigger challenges, sadly, is getting all of them to understand they’re all a target,’’ Cole said.