Earlier this month, reports surfaced out of Virginia about a hacker holding information for ransom. The hacker reportedly stole about 8 million pharmaceutical records from the state’s prescription drug database. A ransom note was then sent to state offices demanding $10 million. Governor Tim Kaine and other officials have since expressed confidence that no personal information is at risk, but recommend that anyone concerned about possible identity theft keep track of personal financial statements and periodically review credit reports. The incident has since created a heightened state of awareness for state and local agencies responsible for sensitive information.
In conjunction with other reports about air traffic control, energy grid, and Defense computer system hacks, the problem may be worse than you think, reports Nextgov. According to James Lewis, director of the technology and public policy program at the Center for Strategic and International Studies, a significant security incident is reported every six weeks on average.
“If Chinese or Russian spies backed a truck up to the State Department, smashed the glass doors, tied up the guards and spent the night carting off file cabinets it would be an act of war,” Lewis said, “but when it happens in cyberspace, we barely notice.”
To help the National Security Agency (NSA) and the Department of Homeland Security (DHS) securing the nation’s most vital information networks, Ken Page, a program manager for Microsoft Federal Services, and his team have developed a set of security standards for servers called the Federal Server Core Configuration.
“The Federal Server Core Configuration (FSCC) helps create the most secure servers possible,” says Mr. Page. “By securing every server role and implementing our proven Desktop Security Core Configuration, Microsoft can help improve system-wide security and manageability.”
Through the FSCC government agencies can enhance security, reduce costs through standardization and help agencies adopt emerging technologies more quickly. “We’ve seen absolutely dramatic results with our federal offerings,” developed in part with DISA and the NSA. “Now, state and local governments are beginning to see the importance of shoring up their information by signing on with our secure desktop core configuration. The Server Configuration is the next step, which will provide the added security they need.”
“Cyber security is a worldwide issue and [improving] it will take a holistic government effort.”
And as some states are finding out, the need to secure network information is not just a federal issue.