Government Needs To Be More Vigilant Against Enemies
Overseas, Cyber Security Expert Says
The Internet has transformed the way we communicate, the way governments interact and how we use everything from cell phones to home alarm systems and baby monitors.
Unfortunately, it’s also made the nation vulnerable in ways previous generations couldn’t have imagined, says Gary Miliefsky, CEO of SnoopWall (www.snoopwall.com), a company that specializes in cyber security.
“Billions of dollars have been spent on firewalls and antivirus programs,” he says. “Yet at every turn they fail us and we see major breaches in the news on a weekly basis.”
The victims aren’t just retailers targeted by cyber thieves who are after customer credit card information. Government also is at risk and the White House, the Office of Personnel Management and NASA are among those that have been victimized by hackers.
“As much as we would like for the Internet to be secure, it is in fact fragile and constantly under attack,” Miliefsky says. “That’s bad for us as consumers because our private information can be at risk, but it may be even worse for us as a nation, because our national security can also be at risk from cyber attacks from abroad.”
Miliefsky says it’s critical that the federal government take steps to shore up the nation’s cyber defenses in the same way it tries to guard against attacks from land, sea and air.
His recommendations for accomplishing that include:
• Require text-only email communications. All email coming in and out of U.S. government agencies should be restricted to text only. No more attachments or hyperlinks. “That’s going to seem inconvenient, but it will help the White House, the Office of Personnel Management and other agencies avoid falling victim to well-crafted spear phishing attacks,” Miliefsky says. This wouldn’t have to be a permanent fix, he says. Over time, when a completely secure email and hyperlink scrubbing system is in place, agencies could again allow the attachments and hyperlinks.
• Stick to government email servers. Government employees shouldn’t do any public business through private email accounts. This topic has drawn a lot of attention because Hillary Clinton used a private email server when she was secretary of state, but the problem goes even deeper than that. Last year, the research group Government Business Council surveyed federal employees and reported that 33 percent said they sometimes use private email accounts for government business. “That needs to stop, especially when classified information is involved, because it puts all that information at risk of being hacked,” Miliefsky says.
• Block file transfers to enemy nation states. It’s all right for U.S. government employees and the military to visit, study, learn from and review websites outside the country, but they shouldn’t be transferring files and records to such nations as China, Russia, Iran and North Korea, Miliefsky says. Such transfers should be blocked at the government firewalls and routers, he says, though exceptions could be made for classified projects that have been vetted by the FBI, CIA, NSA or Department of Defense.
• Expand funding for cyber defense training and staff. Beefing up the nation’s cyber defenses comes with a price tag, but the investment would be worth it, Miliefsky says. The nation faces the possibility of cyber war, cyber espionage, cyber crime and cyber terrorism, and the federal government needs to hire staff “who have a skill set that’s as good or better than our enemies,” he says. “They will become the new leaders in expanding our cyber defense strategies and capabilities, both in military and civilian roles.”