WASHINGTON – State officials said hundreds of thousands of web attacks batter Arizona agencies every day, not to mention attacks on private businesses, adding up to millions of attempted hacks in a given month.
In the face of those threats, public and private organizations in Arizona have joined forces in one of the nation’s first information-sharing alliances to combat criminal hackers and their “increasingly sophisticated” techniques to steal data.
The ensuing battle between “black hat” hackers and “white hat” cyber security officials “reflects the reality that we are in a Cold War,” said Frank Grimmelmann, president and CEO of the Arizona Cyber Threat Response Alliance.
See related stories:
The alliance is Arizona’s “hub for collaborative cyber information sharing … where partners from industry, academia, law enforcement and intelligence come together,” according to its website. State agencies are “invited guests” to the alliance, Grimmelmann said.
Its greatest strength is the anonymity of its member organizations, said Owen Zorge, chief information officer and director of Information Technology and Assurance at the Arizona Department of Emergency and Military Affairs.
“The anonymity of the organizations and their ability to quickly share” program vulnerabilities allows rapid “reporting and responding to cyber threats,” Zorge said.
Grimmelmann said the alliance was formed in January 2013 under the leadership of five private organizations, which collaborated with the FBI, the Department of Homeland Security and the Arizona Counter Terrorism Information Center.
He said it received no public funding, and still does not. It was one of the nation’s first “Information Sharing and Analysis Organizations” – a term that didn’t exist until this February when President Barack Obama directed the Department of Homeland Security to “strongly encourage the development and formation of Information Sharing and Analysis Organizations.”
The Homeland Security website said the public-private alliances now “play an invaluable role in the collective cyber security of the United States.”
Arizona cyber security officials said the state’s alliance also plays a crucial role in protecting the private information of citizens.
Mike Lettman, Arizona’s chief information security officer, said Arizona state agencies alone see an average of 8.3 million web attacks each month – and that number excludes the state’s universities and its judicial and legislative branches.
The monthly total includes roughly 3,000 Trojan attempts and 50 SQL injection attacks against the agencies every day, Lettman said.
Trojan programs trick people into believing a program does one thing when it really performs “a malicious action on your computer,” according to a federal report. The report said SQL injections try to “subvert the relationship between a webpage and its supporting database, typically in order to trick the database into executing malicious code.”
Lettman said the number of attacks on Arizona’s agencies might seem high, but other governments in other states “are seeing those same kinds of numbers.”
According to Grimmelmann, Arizona’s public-private alliance protects Arizonans by helping organizations protect their personal information, as well as the state’s critical infrastructure.
“It has two primary objectives,” Grimmelmann said of the alliance. “To protect critical infrastructure in order to avoid attacks in the first place … or, if a single member is attacked, to avoid attacks on other members.”
The Homeland Security website lists 16 critical infrastructure sectors that, if incapacitated, “would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.”
Grimmelmann said Arizona’s alliance has representatives from 14 of the 16 sectors, but declined to give any more details due to operational security concerns.
The critical infrastructure sectors cited by Homeland Security include chemical industries, communications, dams, emergency services, commercial facilities, healthcare and public health, critical manufacturing, and defense industrial base sectors. Also included are the energy, financial services, food and agriculture, government facilities, information technology, water and wastewater systems, transportation systems, and the nuclear reactors, materials and waste sectors.
Lettman said many attacks target data that could include personal information on Arizonans – which makes combating them more than just a job for cyber security officials.
“It’s our family’s data, it’s our friends’ data” that hackers try to steal, Lettman said. “To us, it’s personal.”