Are Security Efforts Decreasing Successful DoD Hacks?

Monday, November 22, 2010



A recent report from the U.S.-China Economic and Security Review Commission indicates that stepped up security efforts at the national level are impacting the number of successful attempts to penetrate networks systems at the Department of Defense.

But the number of attacks probably have not decreased, and the wording of the report indicates that the lower number reported may actually be due to the metrics used and the defined "thresholds" used in the reporting.

"This may or may not represent a decrease in the volume of attempts to penetrate defense and military networks. The Defense Department explained the lower figures as resulting from measures taken to mitigate threats before they reach the threshold that merits an incident log entry. Specifically, the department cited 'greater visibility of threat activity, vulnerability and ultimately risk by leaders at all levels across [the Department of Defense]' in addition to greater resources, enhanced perimeter defenses, and the establishment of U.S. Cyber Command."

Other reports indicate that the frequency of attacks on critical network systems and internet-based crime as a whole is on the uptick, contrary to this report.

In addition, cyber attacks are employing a higher level of sophistication, as exemplified by the Stuxnet virus, which is capable of actually causing physical damage to SCADA systems.

If the number of "successful" attacks on DoD systems is actually increasing, then the news is fantastic, to say the least.

Given the weight of the evidence concerning current trends, the most likely explanation is that the decrease is due to a semantic change in the reporting standards used at the DoD as opposed to an actual decrease in the attacks.


Possibly Related Articles:
Defense DoD Cyberwar Attacks Headlines Security
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.