With local, state, and national elections fast approaching, the cyber security stakes are high. Citizens’ personal data and actual votes are valuable commodities for cyber criminals and bad actors. The impacts of a ransomware or denial-of-service attack on critical election infrastructure would extend beyond financial ramifications. The integrity of systems, voting results and even democracy itself would be called into question.
"My top priority is a safe and secure election that is free from foreign influence," said Gen. Paul Nakasone, U.S. Cyber Command Leader, in testimony given during a House Armed Services subcommittee hearing (his statements were reported in The Hill).
That’s why organizations such as State National Guards must be prepared to act, even in the absence of an Executive Order that mandates active duty.
Speed is critical. Our M-Trends research found that median dwell time for organizations that self-detect incidents was 30 days. Although that’s an improvement from last year (when the median was 50 days), it’s still a significant amount of time for bad actors to explore for vulnerabilities and lay the groundwork for malicious attacks.
Amplifying the challenge, security analysts are often using multiple security tools to manage their environments. In our Mandiant Security Effectiveness Report 2020, we revealed that organizations have deployed up to 70 different security solutions. Security teams must be able to efficiently and collaboratively cut through this complexity for increased visibility into threats. Shared access to threat intelligence can help teams quickly contextualize and act on credible threats.
The Power of Hive-IQ
TeamWorx Security’s Hive-IQ®, powered by FireEye, provides fast insights into alerts that can be shared across security teams. The workspace solution helps manage workflows between and beyond endpoint security solutions. It integrates automated tools, Mandiant Threat Intelligence, and deep-learning capabilities into a single, user-friendly ecosystem. This combination speeds the time between an analyst first seeing a threat to contextualizing it, sharing it with decision-makers, and turning the information into an action.
The power behind Hive-IQ is its integrated environment that results in more efficient processes and time management. For example, a rural public school recently suffered a cyber attack on its IT infrastructure. The State National Guard responded, as did other first responders. Using Hive-IQ with automated malware analysis and integrated threat intelligence, the incident was quickly recognized as a serious threat. Within three hours, the information was shared with partners in the federal government. This allowed for an immediate and direct flow of resources to support the school.
In addition, incidents like these can be shared with other State National Guard teams. This is critical because attacks that are successful in one instance are often then replicated. For example, a ransomware attack that crippled the city services of Baltimore last year turned out to be the same variant—RobbinHood—of an attack carried out against Greenville, North Carolina, according to various reports. The faster these sorts of correlations can be made and shared, the faster National Guard teams can respond with the right resources.
Protect and Defend
As the election cycle looms, it’s critical that state National Guards are prepared to protect and defend voting infrastructure. That means being able to analyze, expedite and quickly resolve credible threats. Hive-IQ provides the intelligence, technology, documentation, and reporting that organizations require to take fast and decisive action.
Chris Anthony founded TeamWorx Security in 2016 and currently serves as the company's CEO.