For many organizations, cloud migration and digital transformation can seem like daunting tasks, but their benefits are growing into necessities. Along with advanced digitization, identity management should be a key consideration when developing a cybersecurity strategy, especially for an organization as consequential as the U.S. government.
In 2020, enemy interlopers, most likely of Russian origin, used verified credentials to exploit SolarWinds software, and to remain undetected within government infrastructure for months. Experts like Jay Gazlay, a Technical Strategist at the Cybersecurity and Infrastructure Security Agency (CISA), recommend treating identity as the most vital boundary to protect when designing and applying new, modernized cyber infrastructure. Unfortunately, funding for IT modernization falls short of meeting the possible dangers associated with weak legacy systems. Until governmental networks implement updated identity protection and verification, the U.S. is vulnerable to more attacks like the SolarWinds breach.
Digital adversaries have shifted their strategies from external infiltration to gaining credentialed access, co-opting the identities that have access to systems, and going undetected long enough to do considerable damage. The 2015 cyberattack on the U.S. Office of Personnel Management (OPM) compromised the personal information of 22 million federal employees, including security clearance and fingerprint data, and while there are no apparent direct connections between it and the SolarWinds breach, both clearly illustrate the need for enhanced access management protections.
For one example, the brute force cyberattack known as password spraying targets multiple accounts with commonly used passwords, a wager that hinges on poorly protected access points, avoiding detection through the sheer breadth of attack. The National Institute of Standards and Technology (NIST) maintains digital identity and security configuration guidelines that are intended to provide technical requirements for federal agencies, but without a unified governmental IT infrastructure, these standards are difficult to ensure.
Outdated systems are growing more vulnerable every day that they are not replaced and upgraded, and the effects of their vulnerability have the power to cripple everything from national security to critical public aid. The COVID-19 pandemic exposed the weakness of federal IT legacy infrastructures, leading to a wide variety of challenges and complications for both government agencies and individual citizens. Supply chain attacks, like the SolarWinds breach, have the potential to bring both civilian and federal systems to a halt, or to reveal classified and confidential information. Federal organizations must adopt an enterprise cybersecurity risk management framework, across the whole of the government, in order to assess and prioritize weaknesses while safely and securely migrating to a cloud-based infrastructure. Identity and access management commonly acts as an entrance for bad actors; securing that gateway is essential to the welfare of both citizens and the government issued with protecting them.