Defense

NSA: no zero days were used in any high profile breaches over last 24 months

Over the last 24 months, the National Security Agency has been involved in incident response and mitigation efforts for “all the high profile incidents you’ve read about in the Washington Post and New York Times,” said Curtis Dukes, deputy national manager of security systems within the NSA’s information assurance directorate.

By Chris Bing

September 15, 2016

The one common characteristic shared between these incidents, said Dukes, was hackers were using relatively simply techniques — like spear phishing, water-holing and USB drive delivery — rather than zero day exploits to launch successful attacks.

“In the last 24 months, not one zero day has been used in these high profile intrusions,” Dukes said Thursday during the Federal Cybersecurity Summit presented by Hewlett Packard Enterprise and produced by FedScoop.

“The fundamental problem we faced in every one of those incidents was poor cyber hygiene,” Dukes explained, “when you walk in the door to do incident response and the first thing you ask for is ‘Can you give me a diagram of your network?’ And they can’t produce that. Well, we’ve got a problem.”

In each of the mentioned cases, the adversaries were able to take advantage of poorly patched and managed systems, Dukes said.

Though it remains unclear exactly which incidents Dukes spoke to, some of the largest breaches in 2015 and 2016 have included medical insurers Anthem and CareFirst.

Publicly disclosed for the first time in February 2015, the cyberattack on Anthem, one of the U.S.’s largest healthcare insurers, caused 80 million patient records to be compromised. Those digital records contained sensitive information like Social Security numbers, birthdays, addresses, email and other employment information belonging to Anthem customers and employees.

At the time, private sector security researchers believed that the hackers were able to infiltrate Anthem’s networks by using a “sophisticated malicious software program that gave them access to the login credential of an Anthem employee,” the New York Times reported.

NSA: no zero days were used in any high profile breaches over last 24 months

More Like This

VA needs bigger budget to draw better cyber talent, CIO says

Congress should designate an entity to oversee data security, GAO says

Federal CIO focused on cyber, smooth transition in months ahead

Top Stories

State Department reveals new interagency task force on detecting AI-generated content

Anthropic model subject of first joint evaluation by US, UK AI Safety Institutes

Anthropic eyes FedRAMP accreditation in quest to sell more AI to government

Bipartisan House bill to modernize government data would extend CDO Council

Can the Global Engagement Center make the case for itself?

The government is working to improve data access. An AI chatbot could be part of that.

More Scoops

Katie Arrington sues DOD and NSA over five-month suspension

National cyber director role in the spotlight after SolarWinds hack

NSA cyberdefense chief: ‘I have never been more busy’

Meet the man responsible for teaching some of the NSA’s best young hackers

NSA’s Dukes will give ‘international flavor’ to nonprofit CIS

NSA seeks pay bump for its ‘high-end, exquisite civilian talent’

NSA’s top cyber-defender leaves after reorganization

Latest Podcasts

The Pentagon reviews findings on major UAP reports in Senate hearing; a bipartisan House bill to modernize government data would extend the life of the CDO Council

A final interview with GSA’s Ann Lewis

The Federal CIO is focused on cyber, a smooth transition in months ahead; New tech announcements made on Defense Secretary Lloyd Austin’s trip to the Indo-Pacific

Head of the Pentagon’s UAP office unveils new projects and more; Mayorkas hopes the Trump admin will preserve DHS’s AI board

Tech

Defense

Cyber

FedScoop TV