Logo

American Security Council Foundation

Back to main site

Alan W. Dowd is a Senior Fellow with the American Security Council Foundation, where he writes on the full range of topics relating to national defense, foreign policy and international security. Dowd’s commentaries and essays have appeared in Policy Review, Parameters, Military Officer, The American Legion Magazine, The Journal of Diplomacy and International Relations, The Claremont Review of Books, World Politics Review, The Wall Street Journal Europe, The Jerusalem Post, The Financial Times Deutschland, The Washington Times, The Baltimore Sun, The Washington Examiner, The Detroit News, The Sacramento Bee, The Vancouver Sun, The National Post, The Landing Zone, Current, The World & I, The American Enterprise, Fraser Forum, American Outlook, The American and the online editions of Weekly Standard, National Review and American Interest. Beyond his work in opinion journalism, Dowd has served as an adjunct professor and university lecturer; congressional aide; and administrator, researcher and writer at leading think tanks, including the Hudson Institute, Sagamore Institute and Fraser Institute. An award-winning writer, Dowd has been interviewed by Fox News Channel, Cox News Service, The Washington Times, The National Post, the Australian Broadcasting Corporation and numerous radio programs across North America. In addition, his work has been quoted by and/or reprinted in The Guardian, CBS News, BBC News and the Council on Foreign Relations. Dowd holds degrees from Butler University and Indiana University. Follow him at twitter.com/alanwdowd.

ASCF News

Scott Tilley is a Senior Fellow at the American Security Council Foundation, where he writes the “Technical Power” column, focusing on the societal and national security implications of advanced technology in cybersecurity, space, and foreign relations.

He is an emeritus professor at the Florida Institute of Technology. Previously, he was with the University of California, Riverside, Carnegie Mellon University’s Software Engineering Institute, and IBM. His research and teaching were in the areas of computer science, software & systems engineering, educational technology, the design of communication, and business information systems.

He is president and founder of the Center for Technology & Society, president and co-founder of Big Data Florida, past president of INCOSE Space Coast, and a Space Coast Writers’ Guild Fellow.

He has authored over 150 academic papers and has published 28 books (technical and non-technical), most recently Systems Analysis & Design (Cengage, 2020), SPACE (Anthology Alliance, 2019), and Technical Justice (CTS Press, 2019). He wrote the “Technology Today” column for FLORIDA TODAY from 2010 to 2018.

He is a popular public speaker, having delivered numerous keynote presentations and “Tech Talks” for a general audience. Recent examples include the role of big data in the space program, a four-part series on machine learning, and a four-part series on fake news.

He holds a Ph.D. in computer science from the University of Victoria (1995).

Contact him at stilley@cts.today.

Cyber Threat Increases as More Americans Telework

Thursday, March 19, 2020

Categories: ASCF News Emerging Threats Cyber Security

Comments: 0

WASHINGTON - The race to slow the spread of the coronavirus in the United States is placing an unprecedented burden on the country’s cyber infrastructure, potentially making it as vulnerable as it has ever been. 

At issue are the U.S. government agencies, thousands of businesses and millions of Americans, who suddenly have been forced to telework and rely on the security of their internet connections and good cyber hygiene, to keep businesses and services running. 

The result, some officials warn, is an opening for anyone who would like to strike a virtual blow. 

“We’re mindful that our adversaries often see opportunity in situations like these,” a U.S. official told VOA on the condition of anonymity, given the sensitive nature of the subject. 

Both the FBI and private cybersecurity firms warn the assault is already well underway. 

“We're seeing a significant amount of threat in email, leveraging social engineering at scale to do a variety of attacks,” said Sherrod DeGrippo, senior director of threat research and detection at Proofpoint. 

Some of the emails are designed to look like they are coming from legitimate agencies such as the U.S. Centers for Disease Control and Prevention (CDC) or the World Health Organization (WHO), using fear of the coronavirus to get a recipient to click on a malicious attachment or link. 

DeGrippo says the largest attack involved about 300,000 emails, and that new variations are coming in constantly. 

“We’re just seeing this being used across every potential attack style that you can possibly do,” she said. “It's incredibly widespread.” 

So far, almost all the attacks Proofpoint has documented have come from cybercriminals.  But the potential for damage is significant. 

Teleworking and the cyberthreat 

Some attacks are focused on phishing, looking to steal user IDs and passwords. Others involve installing malware (malicious coding) designed to steal data or to access financial accounts and steal money. 

And while those sorts of attacks are not new, many of the individuals being targeted are inexperienced. 

"We are now in the situation of 100% work from home for a huge number of employees in corporate America,” DeGrippo said. “They don't have the same technological protections and control at their home that they did have in their office.” 

“You really completely shifted the attack surface,” she added. 

For years, cybersecurity experts in government and the private sector have warned that the networks Americans rely on are not secure and that many may have already been compromised. 

Last week, a bipartisan report by lawmakers and experts warned the United States is still not prepared. 

 “The status quo in cyberspace is unacceptable,” according to the intergovernmental U.S. Cyberspace Solarium Commission. “The current state of affairs invites aggression and establishes a dangerous pattern of actors attacking the United States without fear of reprisal.” 

Cyberattack amid a pandemic 

Those fears were front and center Monday when officials confirmed there had been a “cyber incident” involving networks belonging to the U.S. Department of Health and Human Services (HHS), which has been playing a key role in the government’s coronavirus response. 

HHS officials say despite the attack, none of their systems have been penetrated and that no information was compromised. 

Security officials have yet to assign any responsibility for the attack, though they are looking at whether a state actor may be to blame. 

In the meantime, there is concern that additional attacks, whether targeting the country’s cyber infrastructure, government health agencies or even medical manufacturers, are likely. 

 “Supply chains are global. So, if you somehow can interfere or affect those supply chains, that causes some issues that we haven't had to deal with before,” said Stuart Brotman, a fellow in the Science and Technology Innovation Program at The Wilson Center in Washington. 

“That would have a major impact on being able to confront the virus,” he added. 

U.S. officials and independent experts admit that for most state actors, such an attack would come with substantial risk, as many countries are also battling the coronavirus pandemic. 

Rogue actors, like criminal syndicates or North Korea, which has shown a willingness to attack companies like Sony and banks around the world, might be tempted, they say. 

The bigger concern, though, is that some U.S. adversaries may see this as a chance to ramp up other cyber campaigns, like attempts to meddle in the upcoming presidential election, while U.S. officials focus on stopping the virus’s spread. 

“Clearly, we are in this critical electoral moment which happens to overlap with COVID-19,” said Brotman. “So, now if you were on the other side trying to figure out how do we create some immediate pain, you would want to take both of those elements and put them together.” 

Despite the myriad vulnerabilities, U.S. officials are not giving up, encouraging government agencies and the private sector to do what they can to improve their cybersecurity posture. 

“In this kind of condition, where you’re expanding your network, relying more and more on digital connectivity, it’s never too late,” Mark Montgomery, executive director of the U.S. Cyberspace Solarium Commission, told VOA. 

“The consequences are higher now,” he said. "If they take action now, they still have time to make an impact." 

Photo: Reuters - Attendees of the 2019 DEF CON cybersecurity event are seen at the conference's car hacking village in Las Vegas, Nevada, August 9, 2019.

Link: https://www.voanews.com/science-health/coronavirus-outbreak/cyber-threat-increases-more-americans-telework

Comments RSS feed for comments on this page

There are no comments yet. Be the first to add a comment by using the form below.