Defense

NSA tech director: future cyberattacks will mutate systems to damage victims

Some of the most devastating cyberattacks of the future will infect and then transform an organization’s own data infrastructure to cause damage, NSA technical director of the information assurance directorate Neal Ziring said, Tuesday, during the Billington Cybersecurity Summit in Washington, D.C.

By Chris Bing

September 13, 2016

Some of the most devastating cyberattacks of the future will ultimately manipulate an organization’s own data infrastructure said a top NSA official Tuesday during the Billington Cybersecurity Summit in Washington, D.C.

Hackers will look to “subvert” powerful capabilities that work in the enterprise to increase their influence and impact of tomorrow, said Neal Ziring, NSA technical director of the Information Assurance Directorate.

“The example I was going to give was if you have cloud encryption. That’s far more powerful at encrypting the data for a ransom-type attack than writing your own malware that does it … I am very worried that we’ll see cyberattacks that are based on the subversion of those powerful capabilities like [Active Directory], like cloud encryption, like network management,” said Ziring.

A recent hack against Windows’ active directory federation services, or ADFS, offers a glimpse into what these cyberattacks may look like, according to Robert Bigman, president of 2BSecure.

In one case, “a hacker could not get into ADFS from the perspective of penetrating into the network and exploiting the protocol. But what they did realize is they were able to find through the actual transmission, the actual conduction request, what the password was. Now the password was encrypted with a hash, but what they were able to do is replace it,” Bigman also said during the Billington conference.

“As a ransomware attack … [the hackers] called up the company and said ‘you know, you’re ADFS are going to slow down and stop working,” making it so users across the organization would not be able to access the directory in question, 2BSecure’s president explained. Eventually, the victim company paid the ransom, caused by the corruption of a native system.

NSA tech director: future cyberattacks will mutate systems to damage victims

More Like This

Federal CIO calls on Congress to fund Technology Modernization Fund

DOJ ‘not aware of any’ identity theft, fraud following consultant’s data breach

How Google Cloud AI and Assured Workloads can enhance public sector security, compliance and service delivery at scale

Top Stories

State Department encouraging workers to use ChatGPT

GSA administrator: Generative AI tools will be ‘a giant help’ for government services

Congressional panel outlines five guardrails for AI use in House

With 2023 tax season in the rearview, IRS commissioner eyes expansion of AI capabilities

CMS’s financial office is using LLM pilot to combat loss of institutional knowledge

Top public sector takeaways from Google Cloud Next 2024

Commerce requests information about AI, open data assets, data dissemination

More Scoops

‘A lot of work’ still required to enable 5G integration for U.S. military

Zero trust guide coming to DOD in 2021

DOD’s red team hackers struggle sharing vulnerabilities with military

Department of Energy closely watching DOD’s JEDI implementation

New NSA cyber directorate prioritizes standards for security of military’s emerging tech

NSA cyberdefense chief: ‘I have never been more busy’

Meet the man responsible for teaching some of the NSA’s best young hackers

Latest Podcasts

NSA tech director: future cyberattacks will mutate systems to damage victims

AI Week 2024 has Come and Gone

Darryl Peek on Elastic’s role in enhancing public sector search and data analytics with AI and Google collaboration

Danny Werfel on How Automation has Enhanced his Agency’s Operations.

Tech

Defense

Cyber

Acquisition