US Department of Defense Science Board released a study that says the vulnerability of US agencies and infrastructure to hacker attacks. The reason for this are the many weaknesses in control systems and information both civil and military installations.
In the Pentagon report says that the US critical infrastructure (CI) will remain vulnerable to cyber attacks from Russia and China over the next ten years.
The 44-page document prepared by the Scientific Council of the Ministry of Defense, indicated the need to mitigate the impact of hacker attacks, while the Pentagon will develop the technical means to counter, as well as create a cyber weapon to be used against intruders.
The report points to an insufficient level of protection for both military and civilian management systems.
The vulnerabilities are actively being abused not only Russia and China, but also the so-called country-kiberagressory second order, such as North Korea and Iran.
Scientific Council of Ministry of Defence has identified three main problems faced by the United States as part of the kibersderzhivaniyu – significant opportunities in Russia and China, the country risk the CI; growing potential of the regional powers, capable of using local or imported cyber weapons against the United States, as well as other non-state actors whose attacks although do not have much power, but it can have a cumulative effect.
“The United States and our allies and partners are at risk of serious hacker attacks and break-ins, – the document says. – Need for containment is not discussed, as well as the need to accelerate the development of countermeasures “.
According to the Scientific Council, Russia and China are the main threat to US critical infrastructure stability. Over the past ten years, China launched a massive campaign to identity theft online.
Despite the promises of the country’s leader Xi Jinping put an end to cyber attacks, hacking by Chinese hackers “were reduced but have not completely stopped.”
Russia to crack the American authorities and used the information to influence the outcome of the presidential election in 2016.
It is reported that US computer networks are already implemented foreign malware – we are talking about Havex BlackEnergy and programs that are allegedly involved in the attack on the industrial control systems. In particular, using the latest was made hacking substations in Ukraine at the end of 2015.
The report says that America can not eliminate the possibility of cyber attacks from Russia and China, but can enhance the security of critical facilities KI to provide them with greater stability.
Congresswoman Elise Stefanik, who is the chairman of the military subcommittee on emerging threats, said the Pentagon report underlines the threat of cyberwar that is a challenge for national security.
“I still express concerns about the fact that the US has no coherent strategy in this area, but the specific recommendations outlined in the report are an excellent starting point for the Congress to begin work”, – said Stefanik.
In early March, OMB (OMB) under the administration of US President issued the statistics of cyber attacks and information security measures by the end of 2016. The study collected data from reports of several agencies were found to be positive.
According to the report, in 2016 the topic was widely discussed cybersecurity American citizens, as millions of ordinary people and their personal information had been under threat of criminal acts of hacking.
“We must redouble our efforts to inform the people of America and American companies on how to protect sensitive data,” – said in a report to OMB.
Of the 30,899 incidents of hacker attacks on federal agencies, only 16 were found “carrying a potentially serious threat.”
In 2016, the ministry had taken the necessary information security measures – now 81% of public servants America are personal identification cards (PIV) for access to the internal federal networks.
In addition, 70% of the agencies introduced a special anti-phishing system, designed to protect networks from malicious attacks and unauthorized access to the data of national importance.