NSA considers its networks compromised
Posted on 17 December 2010.
Debora Plunkett, head of the NSA's Information Assurance Directorate, has confirmed what many security experts suspected to be true: no computer network can be considered completely and utterly impenetrable - not even that of the NSA.

"There's no such thing as 'secure' any more," she said to the attendees of a cyber security forum sponsored by the Atlantic and Government Executive media organizations, and confirmed that the NSA works under the assumption that various parts of their systems have already been compromised, and is adjusting its actions accordingly.

To preserve the availability and integrity of the systems it has the duty to protect, the NSA has turned to standardization, constant auditing, and the development and use of sensors that will be placed inside the network on specific points in hope of detecting threats as soon as they trigger them, reports Reuters.

The problem with cyber defense - especially when it comes to attacks backed by governments and intelligence organizations - is that attackers are usually highly motivated and often very well funded.

Organizations can think of a hundred things to do to secure a system, but the attackers have time, money and incentive to keep at it as long as it takes to identify that crack in the armor that will allow them to get in.

So far, as I can see, the main aspect of cyber defense that every one should concentrate on is real-time detection of intrusions that would allow defenders to actively fight off the attackers - and the NSA is possibly on the right track if the sensors the plan to deploy will allow them to do that.






Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //