"GAO Tells DOD to Ensure Cyber Incidents are Properly Reported and Shared"

According to a new Government Accountability Office (GAO) report, the Department of Defense (DOD) has not fully implemented its cyber incident management processes. The government watchdog also discovered flaws in data reporting and management. The DOD and the US Defense Industrial Base (DIB) rely heavily on information systems to carry out their missions. Malicious actors continue to target these systems, as the DOD has experienced more than 12,000 cyber incidents since 2015. Chinese hackers breached five US defense and technology firms in November and December 2021, obtaining passwords in order to gain access to the systems of the organizations and intercept sensitive communications. Hackers breached the Defense Information Systems Agency's (DISA) network between May and July 2019, potentially compromising personal information. Furthermore, in February 2017, an Iranian hacker group targeted DIB actors in a campaign to steal credentials and other data. The vast majority of cyber incidents reported are malicious logic incidents, which involve the installation of software designed and/or deployed by adversaries with malicious intentions in order to gain access to resources or information without the user's consent or knowledge. Other incidents include root-level intrusion, user-level intrusion, and Denial-of-Service (DoS) attacks. In order to combat the cyber threat, the DOD has established two incident management processes, one of which is for all incidents and one for critical incidents. The GAO acknowledged the efforts already made by the DOD and the DIB, which have resulted in a decrease in the number of incidents reported from a high of 3,880 in 2015 to 948 in 2021. However, despite this reduction, the GAO discovered that the DOD's system for reporting all incidents often contained incomplete information, and the DOD could not always demonstrate that relevant critical incidents had been notified to appropriate leadership. This article continues to discuss the GAO report on DOD cybersecurity regarding the need to ensure cyber incidents are appropriately reported and shared.

HSToday reports "GAO Tells DOD to Ensure Cyber Incidents are Properly Reported and Shared"