US-CERT Presents Cyber Security Seminar
By: Courtney Ricks
, LARSS intern
Cyber world is not a perfect place. It involves real and present threats, as Mitchell Wander, a senior watch officer for the United States Computer Emergency Readiness Team (US-CERT), explained to an audience at NASA’s Langley Research Center. US-CERT is a sector of the Department for Homeland Security, which fights to prevent and disrupt the cyber theft of intellectual data.
Is someone electronically watching your computer? Could a stranger gain access to your personal files? Are government computers more secure than your home system?
Although illegal access to a government computer can take months, sometimes years to complete, online hackers and other cyber criminals remain determined to get in.
NASA Langley's Office of the Chief Information Officer (OCIO) is equally as determined to keep them out. OCIO recently hosted "The Cyber Threat Environment," a seminar for government agencies and the online threats they face.
Wander presented both defensive and prevention methods for cyber threats. His most prominent advice to NASA employees: "If you see something strange, say something about it."
"Hacktivists" groups, like the highly publicized Anonymous hackers, are a large concern for US-CERT and their partnering organizations. They are known for defacing websites, denial of service attacks and the theft of personal or confidential data.
Research and the intellectual data created on a daily basis at Langley is a target for criminals, hackers, state sponsored actors, terrorists, hacktivists and possible insiders.
"Research costs tens of thousands of dollars, and decades to develop,” Wander explained.
Wander strongly encouraged NASA employees to take necessary precautions to prevent security breaches and to ensure that confidential material is not leaked. He stressed that passwords used for government and work environments should be different from those used in personal accounts and social media sites, citing the recent exposure of passwords for the social media site LinkedIn.
“Users can either facilitate or prevent the problem,” Wander told the audience. "Exposed passwords for LinkedIn
could be traced back to NASA which would then allow for a security breach if work passwords match."
Wander has been working for the Department of Homeland Security for less than a year, and previously worked for the CERT program in the Army Reserve. He was mobilized three years for the Army’s CERT division, managing and creating plans for their technology units. Wander is currently assigned as a forensics team leader of the National Capital Region Information Operations Center.
Wander acknowledged the differences between a military approach to cyber security and the Department of Homeland Security’s methods, but the threat factors are the same.
"It’s unpredictable," Wander noted about his job within US-CERT. "We are very much events driven, and it’s how we manage or react to incidents that makes us successful or not successful."
Anyone can access the US-CERT website, which has tips and features for improved cyber security. The site features sections for both government employees and those in personal homes and businesses -- no hacking necessary.
FOR MORE INFORMATION
The Researcher News
NASA Langley Research Center
Editor & Curator: Denise Lineberry
Executive Editor & Responsible NASA Official: Rob Wyman