January 20th, 2017 was the Presidential Inauguration of the 45th President of the United States of America, and there were plenty of hot topic issues to debate, which you can read about…somewhere else.
When it comes to cyber security, our eyes and ears were on the protection of the event itself.
What does it take to carry off an event of that scope, without a hitch? The answers may surprise you, but also enlighten you.
Generally, cyber security in the United States federal government seems scattered about: Department of Homeland Security here, CIA there, FBI over yonder…much could be said in favor of a federal cyber restructure.
However, for the Presidential Inauguration, everyone reports to the same entity: the Secret Service. The Secret Service operates under the Department of Homeland Security and is responsible for protecting the United States President, President-Elect and family. Their big event, the democratic changing of the presidential guard, occurs every 4 years, though their duties remain fairly constant in between.
The Secret Service handles the physical infrastructure of the big event, but also all of the subcomponents, including the cyber communications.
Just consider the hundreds of chairs needed to seat everyone on the stands at the inauguration: one minute detail that needs to be perfect in front of a live and streaming global audience. Then consider the scores of people safely escorted around town, to the morning church service, tea, inauguration ceremony and evening balls. Five U.S. presidents were in attendance (the elder George Bush was unable to make it), each requiring protection, among other VIPs, such as senators.
Parade routes, pedestrian management, even monitoring the “no fly zone” airspace above the inauguration, were all part of the infrastructure needing to be secure for a smooth Presidential Inauguration.
We truly live in a digital age, and an event like the Presidential Inauguration has layers of computerized communication systems. Here are a few, potentially hackable points that the secret service needed to protect and monitor:
• Ear pieces for team communication
• Cell phones and hands free units
• Computerized technology in vehicles transporting VIPs (locks, breaks, GPS, etc. all with potentially computerized components)
• Citywide security cameras and the internet of things (IoT)
• Traffic signals
• City power grid
• City water system
• Air traffic control communications
• Emergency services and first responders communications (even 911)
If any of that partial list of critical infrastructure components, in any of the venue locations, had suffered a malicious attack, the result would have been a fiasco and possibly a threat to the survival of the individuals involved and the democratic process.
To make security possible, the Secret Service takes on the job of protecting the entire city of Washington, D.C. during a presidential inauguration, but that isn’t even where the job begins. Several months to a year beforehand, the team monitors cybersecurity threats and trends—events like the Ukrainian power grid malware cyber attack become case studies for analysis for prevention of similar threats on the day of the Presidential Inauguration. Malware, bot armies, and digital exploits of all kinds must be understood by the secret service team, so that similar attacks cannot take place during the event itself.
All preparations for the Presidential Inauguration have one primary focus: be prepared, and immediately shut down any attack. Be it a stray bullet or a stray hack, the Secret Service prepares for the worst, and in the event of such a threat acts quickly. Though, of course, prosecution would happen to any perpetrator if at all possible, the immediate action response plan would just be to neutralize the threat.
Prepare Like the Secret Service
Chances are, your daily business operations are not on the scale of a Presidential Inauguration. Still, you can learn some important lessons from the Secret Service in preparing your own business infrastructure to prevent cyber attack:
• Familiarize yourself with frequent attack strategies
• Safeguard your infrastructure against known types of attacks
• Monitor insider security feeds through an appropriate cyber monitoring service: know your enemy; know their tactics.
• Streamline your response plan. Don’t be wary, be prepared.
You don’t have to be an elite division of the Department of Homeland Security to ensure your safe business operations, if you prepare like one.