DISA intelligence director speaks about emerging cybersecurity threats


By the Office of Strategic Communication and Public Affairs
March 1, 2024

Army Col. Richard Leach
(DISA photo by Austin Suggs)
 
On Feb. 28, Army Col. Richard Leach, Defense Information Systems Agency director of intelligence, spoke at the Digital Protection Summit in Washington, D.C. His fireside chat, titled “The convergence of cyber and identity security,” focused on the evolving cybersecurity threats the Department of Defense is facing. He emphasized the intersection of personal and organizational security as well as the threats and opportunities of artificial intelligence.

The challenges of emerging technology

Leach opened by emphasizing how COVID and remote work changed the cybersecurity landscape. With employees suddenly working from home and using virtual private networks, these rapid changes “became ripe objects for the adversary to look at.”

As people's homes became their offices as well, Leach noted that a real danger came when people took the same approach to cybersecurity for both. Most importantly, far too many people used the same passwords for home and work. Then when data leaks occur, something as seemingly trivial as an employee's streaming password being compromised could be the key hackers need to access an enterprise network.

Of course, remote work isn’t the only important development in recent years for cybersecurity. The rise of AI has been immensely impactful by decreasing the amount of technical expertise needed to carry out cyberattacks. For instance, the data leaks mentioned above were a problem before AI, but with AI, hackers can comb through leaks for information on particular, high-value individuals faster than ever. In Leach’s words, “finding the needle in the haystack has become so much easier.”

Another example Leach gave was hackers using AI to find code that will break into internet-connected consumer devices in homes such as cameras, refrigerators and more. “The AI is really starting to be able to write that code for you. So I don’t have to be a super smooth state-sponsored hacker. I can be a script kiddie sitting at home, typing that into ChatGPT and getting that back,” said Leach.

According to Leach, hackers will then harvest as much personal data as they can. Since personal security is tied up with enterprise security, this data has become even more valuable.

As Leach said, hackers “get a two-for-one deal. One, they can go after us for our connections and what we do within the government or corporations – because corporations have people that are just as much targeted as DOD folks. Then on the personal side, those criminals will come back and say, ‘okay, what can I get off this individual? Either I can use his persona to go out and link with other people’s personas or I can just use it, go shopping or get credit cards.’”

The solution

Put together, the outlook for cybersecurity can seem bleak. Nevertheless, Leach insisted emerging technologies also offer opportunities for greater defense.

For instance, while AI will result in more attacks, Leach emphasized it will also empower analysts to work faster. “There’s no way I can hire enough analysts to sort through all of that, so we’re going to have to use those APIs and those large hybrid models to sort through the data.” He continued by pointing to Thunderdome, DISA’s zero trust solution, as an example of combining different emerging technologies to increase security.

In addition to adopting new technologies, DISA is adapting its approach to cybersecurity. Leach said DISA is moving away from old models of cybersecurity built upon a castle-and-moat approach. Instead, DISA is prioritizing Zero Trust. Meanwhile, Leach is charging his team with two things: “know your network and think like a hacker.”

Finally, Leach emphasized that cybersecurity is a team sport. It’s on everyone to take cybersecurity seriously, which is why cyber education is so important. Leach said, “We’re constantly trying to educate the workforce on what are the proper cyber hygiene things they should be doing.”

If you’re interested in learning more about how you can practice good cyber hygiene, check out public.cyber.mil.