Monday, January 08, 2007

U.S. DoD Battles Increasingly Hostile Cyberattacks

Bob Brewin and Josh Rogin write on FCW.com:

The Defense Department continues to battle increasingly sophisticated attacks against its information systems and networks, including significant and widespread attempts to penetrate systems with targeted, socially engineered e-mail messages in a technique known as spear phishing.

According to internal documents and DOD officials, the department has fought back with requirements that users log on to networks with a Common Access Card (CAC) that electronically verifies their identities and digitally signs e-mail messages with the key contained on that card.

It has also required the use of plain text e-mail messages and converts HTML messages to plain text because HTML can contain programming code that plants keystroke loggers, viruses and other malware on computers, according to a Joint Task Force-Global Network Operations (JTF-GNO) presentation on spear phishing awareness training that all DOD employees and contractors must complete by Jan. 17.

More here.

Background here, here, and here.

0 Comments:

Post a Comment

<< Home