Security News > 2020 > February > After DISA breach, experts say US agencies must stop lateral movement of hackers

Attackers shouldn't have been able to remove sensitive data like Social Security numbers from military networks, according to cybersecurity experts.

Joe Lareau, senior security engineer, Exabeam, said that as political tensions around the globe continue to rise, government agencies have to be vigilant and create modern security systems that can handle a variety of attacks.

"We recommend building and using 'defense in depth'-multiple layers of controls that involve staffing, procedures, technical and physical security for all aspects of the security program. As part of this, these entities should also consider utilizing behavioral analytics technologies on the network, which track and learn users' baseline behavior and immediately notify security analysts of anomalous behavior that could be indicative of a breach or infiltration."

"It's a question mark how the personally identifying information of DISA employees is at risk - that information should be wrapped in strong encryption, encrypted both at rest and in motion. Once these breaches occur and the personal data is in the wild the best companies can do for their personnel is, at the very least, provide free credit monitoring and leverage cybersecurity companies who can alert when personnel's information like Social Security numbers are found on the Dark Web," Smothers said.

Marcus Fowler, the director of strategic threat at the security firm Darktrace, said there is an increasing expectation from the public that whether you're MGM Hotels or you're DISA, you have an obligation to own up to a breach and people in a way that showed nothing but an attempt to make victims more secure, rather than damage control for brand.

News URL

https://www.techrepublic.com/article/after-disa-breach-experts-say-us-agencies-must-stop-lateral-movement-of-hackers/#ftag=RSS56d97e7