The US Department of Justice (DOJ) this week released the first report from its Cyber Digital Task Force – which was set up in February to advise the government on strengthening its online defenses.
The report [PDF], compiled by 34 people from six different government agencies, examines the challenges facing Uncle Sam's agencies in enforcing the law and protecting the public from hackers. It also lays out what the government needs to do to thwart looming threats to its computer networks.
Here are a few of the highlights from the 156-page document:
Locking down elections
With the US midterm elections just months away and fears of foreign meddling already on people's minds, the task force told the government to buckle down and prepare for even more attempts from Russia – and maybe others – to mess with voters and disrupt the election.
"Malign foreign influence operations did not begin in 2016, but the Internet-facilitated operations in that year were unprecedented in scale," the task force says.
"The threat such operations pose to our society is unlikely to diminish."
The Task Force says that measures are already being planned for election day to prevent attacks and fraud attempts. They revealed that a team of agents and executives from the FBI along with the DOJ's Public Integrity Session, its Civil Rights Division, the Department of Homeland Security and states attorney generals will coordinate under a single banner to help ensure the integrity of the vote count.
"In the weeks and months leading up to the 2018 midterm elections, these components will plan responses to election-related issues and identify lines of coordination and communication," the report reads.
"On Election Day, they and a commissioner from the US Election Assistance Commission will arrange regular secure video teleconferences with Department leadership and other agencies, including the National Security Council."
Let's (not) Encrypt
If you've been following the news for the last few years it will come as no surprise that the Justice Department is not a fan of the common man having access to encryption.
The report bemoans the current state of encryption and its ability to keep the government from gathering and analyzing traffic for criminal investigations. The word 'encryption' comes up 17 times in the report, not once in a favorable light.
"In the past several years, the Department has seen the proliferation of default encryption where the only person who can access the unencrypted information is the end user," the report reads.
"The advent of such widespread and increasingly sophisticated encryption technologies that prevent lawful access poses a significant impediment to the investigation of most types of criminal activity."
The report also takes a shot at Tor, which is a bit ironic seeing as the anonymization service got its start as a US government project.
"Tor not only anonymizes criminals’ Internet traffic, but also allows them to host websites, called Hidden Services, on servers whose location is similarly masked using Tor," the report notes.
"Criminals have exploited Hidden Services to facilitate numerous forms of illicit commercial and other criminal activity."
Defend like the DOJ
So what is the government doing to protect itself from cyber attacks? The report notes that, in addition to creating a number of internal groups that focus exclusively on information security, it also mandates training across the board, requiring every person working in its ranks to attend annual cybersecurity training.
"Adequate training ensures that everyone within the Department has a basic understanding of the relevant threats, their role in protecting our information and information systems, and how to detect and respond to cybersecurity events," the report notes.
Trump wants to work with Russia on infosec. Security experts: lol noREAD MORE
"Typical web-based training is most common; however, many training delivery mechanisms are used to get the broadest penetration of the material."
Ultimately, however, the DOJ notes that there is only so much the government can do on its own, and the report underscores how important it will be going forward for the department to partner with private companies to both gather intelligence on new threats and protect critical information from foreign attackers.
"Virtually every instance of cyber-related crime implicates the private sector in some way, whether the private sector is the target of malicious cyber activity, the provider of technology or services through which cybercrimes are committed or concealed, or the repository of evidence (such as communications) relating to cyber-enabled criminal activity," the task force concludes.
"As such, the relationship that the Department, including the FBI, builds and maintains with the private sector is critical to our efforts to combat cybercrime." ®