by Mitch Kokai
Senior Political Analyst, John Locke Foundation
Cyber attacks by foreign nations and criminals against both government and private sector networks are increasing in both sophistication and scale, a senior National Security Agency official said Wednesday.
Jonathan L. Darby, deputy chief of NSA’s cybersecurity operations group, said in a speech that recent cyber attacks against Ukraine’s power grid, malware strikes in Saudi Arabia, the Equifax data breach, and global ransomware attacks are the latest examples of the kind of attacks that are growing more dangerous and that will increase in the future.
“I expect the trend lines to continue. We’re going to continue to see attacks all around the world,” Darby told a conference sponsored by the State Department’s Overseas Security Advisory Council.
“Cyber adversaries today are becoming more sophisticated in how they operate,” he added.
Despite increased sophistication of attacks, “the tried and true method for how to get into networks is still very effective,” Darby said.
One of the most effective methods is the use of spear-phishing email attacks involving fraudulent emails seemingly sent from known users that contain links used by hackers to gain access to target networks.
“And some poor sap clicks on a link that’s embedded in there, and lo and behold that sender, that adversary is in that network,” Darby said.