Tuesday, July 7, 00:10
Home security Can hackers help a government?

Can hackers help a government?

From data breaches to election interference, cyberattacks continue to pose a serious threat to US government agencies, businesses and citizens. However, these incidents are so widespread that they now seem normal. Even with lawsuits and financial penalties, the response to the incidents comes at a very slow pace. Data breaches have created mistrust, and with that has come the cynicism and acceptance that nothing can be done. However, there is hope. For the past six months, the government of USA has taken three extraordinary steps to change the way it approaches cyber security, and it all involves the help of an unusual ally: hackers.

government hackers

With the following initiatives, there is an opportunity to significantly improve the security of the federal civil service, the government supply chain and the country's electoral systems.

Insurance of every federal political organization

There are more than 400 political organizations that operate as members of the federal government and are responsible for securing their digital assets and the large amounts of sensitive information they hold.

These services reach every citizen in ways we cannot imagine - from physical defense to private data. However, these organizations are still a frequent target of cyber attacks. Over 35.000 cyber incidents were reported by federal agencies in 2017 alone. The US Postal Service, the agency internal revenue and White House is among the organizations that have reported data breaches in the last five years.

A new initiative launched by the US Department of Homeland Security (DHS) will require every political organization to work with ethical hackers to better secure their digitally of assets. THE Directive will require all federal political services to establish a Vulnerability Disclosure Policy (VDP) to obtain and resolve vulnerabilities identified by ethical hackers before they can be exploited by its criminals cyberspace. A VDP ensures that if a hacker detects something dangerous in one website the one application, can easily report this and the organization will have an immediate way to handle the communication to restore the situation.

Uncovering vulnerabilities has long been an important practice in the cyberspace community. The US Department of Defense (DOD) has been implementing such a policy since 2016 and has since resolved over 12.000 security vulnerabilities that could otherwise have been used by various Criminals of cyberspace.

Securing electoral systems

IT-ISAC and the Senate Rules Committee work with all electoral security vendors, electoral certification bodies, and the private sector to understand how ethical hackers could help secure elections.

The relationships between ethical hackers and pre-election salespeople security have been destroyed, though they are working for the same purpose.

This summer, IT-ISAC tried to bridge the gap by issuing a Request for Information (RFI) on how VDPs and hackers can work better together. The so-called election vendors have made enormous efforts to understand the importance of the contribution of ethical hackers.

Securing the government supply chain

The DOD fully revises how to ensure the security of the logistics chain through Cybersecurity Maturity Model Certification (CMMC). CMMC will require every organization working with DOD to meet certain cybersecurity standards.

The impact of this is amazing. Violations in its supply chain government endanger the country's national security and have a direct monetary impact on the country taxable, at an average cost of $ 6.000. Ethical hackers could play an important role in this initiative.

The exploitation of vulnerabilities identified in government cybersecurity infrastructure will continue to increase. In the meantime, there is an entire army of hundreds of thousands of security experts willing to help.


Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehchttps://www.secnews.gr
Be the limited edition.


Windows 10 2004: Unauthorized settings "block" the upgrade

Users report that they have a problem with Windows 10, since they are excluded from the application of the May 2020 update, when they manually attempt to ...

Lenovo is improving Linux ThinkPads but the problems remain

Last month, when Lenovo announced that it was going to certify the ThinkPad series for use with Linux operating systems, we thought directly ...

Nigerian accused of fraud against US companies

A Nigerian was taken to the federal court in Chicago on Friday, after being accused of coordinating an international cyber fraud system, which affected ...

Home routers display critical errors and run unpatched Linux

The German Fraunhofer Communication Institute (FKIE) conducted a survey that included 127 home routers from seven different brands, in an effort to ...

IPhone 12 release: Will we finally see it by the end of 2021?

New data on the release of the iPhone 12, which we all expect not to happen in September, say that it will only be delayed ...

MySQL: Replaces terms that reinforce racial discrimination

MySQL database developers have announced that they will be replacing terminology such as master, slave, blacklist, and whitelist.

The CEO of a cryptocurrency investment company was cheating

As reported by News24, Willie Breedt, the founder of VaultAge Solutions (cryptocurrency investment company), declared bankruptcy last week and the ...

United Kingdom: Will it exclude Huawei from its 5G networks?

The UK government has received an NCSC report on Huawei, which may change its policy ...

A Yahoo engineer is not in jail after hacking 6.000 accounts

A former Yahoo engineer has been sentenced to five years in prison for hacking into personal accounts ...

PoC exploits released for critical vulnerability on F5 BIG-IP devices

PoC exploits released for critical vulnerability on F5 BIG-IP devices Two days after the release of updates on critical vulnerability on F5 ...