Cybersecurity and Privacy in Government

Permanent URI for this collection

https://hdl.handle.net/10125/102517

Browse

Recent Submissions

Now showing 1 - 4 of 4
  • Item
    Introduction to the Minitrack on Cybersecurity and Privacy in Government
    ( 2023-01-03) Harrison, Keith ; Conklin, Wm. Arthur ; White, Greg
  • Item
    Reaching an Underserved Population in Communities: Project Xander – Cybersecurity for NonProfits
    ( 2023-01-03) White, Greg
    Cyber criminals continue to look for new targets which they can exploit. A recent addition to their list of targets are nonprofit and faith-based organizations within communities. These organization generally do not have the budget to hire a cybersecurity professional or pay for cybersecurity services. A program to reach this sector to assist them with their cybersecurity posture was launched called Project Xander. This program is designed to utilize students from area colleges and universities to provide assessment and consulting services for organizations within the sector. The pilot program was run in the 2021-2022 academic year and was successful and is now being expanded to include other communities and academic institutions. It addresses a need in communities in a sector that has been underserved and that has historically not had the resources to implement robust cybersecurity programs.
  • Item
    Creating Synthetic Attacks with Evolutionary Algorithms for Proactive Defense of Industrial Control Systems
    ( 2023-01-03) Haynes, Nathaniel ; Nguyen, Thuy ; Rowe, Neil
    Industrial control systems (ICS) play an important role in critical infrastructure. Cybersecurity defenders can use honeypots (decoy systems) to capture and study malicious ICS traffic. A problem with existing ICS honeypots is their low interactivity, causing intruders to quickly abandon the attack attempts. This research aims to improve ICS honeypots by feeding them realistic artificially generated packets and examining their behavior to proactively identify functional gaps in defenses. Our synthetic attack generator (SAGO) uses an evolutionary algorithm on known attack traffic to create new variants of Log4j exploits (CVE-2021-44228) and Industroyer2 malware. We tested over 5,200 and 256 unique Log4j and IEC 104 variations respectively, with success rates up to 70 percent for Log4j and 40 percent for IEC 104. We identified improvements to our honeypot’s interactivity based on its responses to these attacks. Our technique can aid defenders in hardening perimeter protection against new attack variants.
  • Item
    High Value Assets (HVA) Lessons Learned for Small Government Agencies and Small to Mid-sized Organizations
    ( 2023-01-03) Sjelin, Natalie ; West, Jeremy ; Dietrich, Glenn
    Cyberattacks are a persistent threat to organizations across all sectors, and over the past decade, attackers have increasingly been targeting municipalities. Protecting the most critical information and systems or high value assets (HVAs) from a cyberattack is essential to reduce the risk of impacting critical services that make day-to-day activities possible. Identifying HVAs is a process that assists organizations in recognizing which assets are most critical and therefore require the most significant protective measures. An HVA process was developed for State, Local, Tribe, and Territory (SLTT) jurisdictions of any size, capability, and cybersecurity maturity to assist them in identifying assets that are vital to community operations. The SLTT HVA Process aligns with the Federal HVA Program developed by the Cybersecurity and Infrastructure Security Agency (CISA). Four jurisdictions are piloting the SLTT HVA Process and, through this initiative, are generating vital lessons learned to successfully incorporate the process into their cybersecurity program.