New cyber attack technologies are changing the threat landscape, says the U.S. Government Accountability Office in a new report calling for urgent federal action. The watchdog agency says that attackers may be able to do more damage than before as technologies used to carry out denial-of-service attacks steadily advance.
“Threats around the globe are emerging and escalating, with foreign adversaries gaining expertise and being backed by governments and others with significant resources” the GAO says.
As recent examples, the agency notes that Atlanta’s municipal information system was hit with a cyberattack that prevented customers from paying bills and viewing court information.
The U.S. Justice Department indicted nine Iranians for a cybersecurity theft campaign on behalf of the Islamic Revolutionary Guard Corps. A breach at Equifax resulted in the loss of personally identifiable information for an estimated 148 million consumers.
GAO identified four major cybersecurity challenges and 10 critical actions that the federal government and other entities need to take. The challenges are establishing a comprehensive cybersecurity strategy and effectively overseeing it, securing federal information systems, protecting critical infrastructure and protecting privacy and sensitive data.
Among the critical actions needed are installing more software or hardware to combat malicious attacks and improving the federal response to incidents.
GAO said it has made more than 3,000 recommendations to agencies since 2010 aimed at addressing cybersecurity shortcomings but that 1,000 had not been implemented as of this month.
A full copy of the report can be found here.