Cybersecurity Incidents on Rise

Reflective of the alarming number of the threats to federal systems, agencies are reporting a trend of increasing waves of cybersecurity breaches. These incidents put sensitive information at risk. Personally identifiable information about Americans has been lost, stolen, or improperly disclosed, thereby potentially exposing those individuals to loss of privacy, identity theft, and financial crimes. Reported cyber attacks and unintentional incidents involving critical infrastructure systems demonstrate that a serious cyber attack could be devastating. Agencies have experienced a wide range of incidents involving data loss or theft, computer intrusions, and privacy breaches, underscoring the need for improved security practices. When incidents occur, agencies are to notify the federal information security incident center—US-CERT. As shown in the figure “Cyber Incidents Reported to US-CERT in 2006 - 2008, estimates 2009 -2010″, the number of incidents reported by federal agencies to US-CERT has increased dramatically over the past 3 years, increasing from about five thousand incidents reported in fiscal year 2006 to almost seventeen thousand incidents in fiscal year 2008 (about a 200% increase).

Incidents are categorized by US-CERT as following:

• Malicious code: Successful installation of malicious software (e.g., virus, worm, Trojan horse, or other code-based malicious entity) that infects an operating system or application. Agencies are not
  required to report malicious logic that has been successfully quarantined by antivirus software.
• Unauthorized access: In this category, an individual gains logical or physical access without permission to a federal agency’s network, system, application, data, or other resource.
• Scans/probes/attempted access: This category includes any activity that seeks to access or identify a federal agency computer, open ports, protocols, service, or any combination of these for later exploit. This activity does not directly result in a compromise or denial of service.
• Investigation: Unconfirmed incidents that are potentially malicious or anomalous activity deemed by the reporting entity to warrant further review.
• Improper usage: A person violates acceptable computing use policies.
• Denial of service: An attack that successfully prevents or impairs the normal authorized functionality of networks, systems, or applications by exhausting resources. This activity includes being
  the victim or participating in a denial of service attack.

• 
• 

Featured Reports

• Virtual Event Market Skyrockets
• Deep Packet Inspection Market Bolstered by US-CERT Einstein Programs
• Deep Packet Inspection (DPI): U.S. Government Market Forecast 2010-2015
• Virtual Event Market: Trends to Watch
• Virtual Conference & Trade Show Market Forecast 2010-2015
• COTS Is the Name of the Game for Defense HPC Market
• Worldwide Defense High Performance Computing (HPC) Market Forecast 2010-2015
• U.S. Government Wireless Voice and Data Spending Forecast 2010-2015
• U.S. Federal Cybersecurity Market Forecast 2010-2015
• U.S. Federal IT Market Forecast 2011-2015