By Ian J. Malloy
Much like any situation, the cyber security (CYSEC) threat-landscape of a county, in a state of the US, does not have a ‘one glove fits all’ solution. Several aspects of a solution may be analogous or have the same basic underlying structure but certain nuances play a critical role in identifying exactly what the threat-landscape is for a specific county being targeted. A simple example of this is difference between a county in the Ozarks of America compared to one in New York or even North Dakota. Each geospatial arena creates a requisite environment based on sociological, economical, humanitarian, psychological and environmental factors, each with varying degrees in specific places. Underlying each of these arenas are water systems, sewer systems, traffic lights and multiple nodes functioning at each point in a vector space of cyber systems.
As you picture each of these nodes, imagine a fractal blossoming out of each one. This represents the internet of things, but it is not endless. Levels, all systematic levels, have an end, be it a network or computer. Whether or not a threat is self-sustaining or designed to spread using the highest level of big data analysis and potent search algorithms; even a simple crafted phish could lift the right data. Education, critical review of infrastructure, and the proper tools can aid the civil servant CYSEC professional to navigate his or her way through his or her advanced-persistent threats, phishing attempt or trojan.
A solution must be just as multifaceted as the problem, but more robust and holistic. If a proper response is created, a Proactive Automated Defense Unit (PAD Unit) should be implemented, capable of adapting itself to the environment and also acting as first responder to an attack. A reconnaissance PAD (RPAD) could be used as a back-trace capable software, compiling signal intelligence (SIGINT) to capture geolocation, screenshots, and activate the webcam of the attacker. This is only one example of a basic response. Attackers may target largely populated counties to do the most damage, or target minimally populated areas to better mask their attack. If we can utilize the knowledge that attackers face, a serious retaliation that is triggered automatically could accomplish this. This accomplishes two things: 1) makes the attacker think harder before attacking, knowing they face a potentially damaging retaliation and 2) actually creates more time before and during the attack where the latter isn’t even during an intrusion but effectively being ‘stopped at the door.’ All packet flow needs to be monitored by advanced-persistent methods utilizing the cutting edge of big data analysis and search methods.
With the US’s military secrets and NSA intelligence either stolen or stolen and disbursed, the US definitely has egg on its face. County CYSEC will take a top-down (US NIST legislation) and bottom-up (NACO) approach as both must work together, first on a needs base and second on an all inclusive base. Proper analysis must be undertaken to understand the underlying structure and threats in place in a county in order for it to adequately protect itself, which it should have the capability to do so.
Ian Malloy is the CEO and Head Researcher of Malloy Labs, Llc. which offers Smart solutions for difficult issues. Malloy Labs is an award winning company for its work in cyber security and applied artificial intelligence. Mr. Malloy received a BA from Augustana College in 2010 with a double-major in Philosophy and Psychology. Mr. Malloy is a NASA South Dakota Space Grant alumni, funded to design multi-sensory, artificial intelligence.