Threats to government cybersecurity are rising exponentially, as they are for all organizations worldwide. Data breaches alone now cost USD 5.2 trillion globally[1] and have exposed about 22 billion data records.[2]
Contributing to the growth in breadth and complexity of the threat landscape are three main factors: the increasing sophistication of attacks; fragmentation of security solutions that leave gaps, making data vulnerable; and the expanding number of available attack surfaces.
In government and public sector environments where every operation revolves around data, securing communications end to end is a fundamental requirement. The need for all aspects of security to work together—from operating systems (OSs) and software to firmware and hardware—has never been greater. Cyber attackers are increasingly targeting firmware vulnerabilities, according to the National Institute of Standards and Technology (NIST).[3] Software protections, including OS security and data encryption, are no longer enough.
Escalating Cybersecurity Risks
Cybercriminals, both domestic and foreign, often target public sector infrastructure and systems. The range of incidents includes malware, phishing, distributed denial of service (DDoS) attacks, unauthorized access, supply chain attacks, and control system attacks. Recent data reports highlight the scale of the cybersecurity challenge:
- In FY 2021, US federal civilian agencies reported over 32,000 security incidents to the Department of Homeland Security, according to the U.S. Government Accountability Office.[4]
- Ransomware attacks doubled in the second half of 2022, targeting organizations across industries.[5] A 2022 Comparitech report found that ransomware attacks against US government agencies from 2018 to October 2022 potentially impacted nearly 230 million people—more than half of the US population—with an estimated downtime cost of over USD 70 billion, which is more than the national GDP of half the countries on the planet.[6]
- Cryptojacking typically consumes up to 50 percent of the endpoint compute resources of infected systems, going months or more without detection.[7]
- By the end of 2019, firmware vulnerabilities had increased by five times over the previous three years, and the number continues to grow today.[8] Firmware incursions below the OS are one of the hardest attacks to detect, are the least likely to be patched, and have the biggest potential impact, as most antivirus programs focus on the OS and above. Such attacks can be undetectable by traditional programs and practices.
- Counterfeiting, tampering, theft, and insertion of hardware and software are increasing. Sonatype’s 8th Annual State of the Software Supply Chain report found that supply chain attacks increased an average of 742 percent per year between 2019 and 2022.[9]
- Cisco predicts DDoS attacks will reach 15.4 million by 2023, more than double the amount seen in 2018.[10] Additionally, 2022 threat reports from both NETSCOUT and Cloudflare reported increases in DDoS attacks across network and application layers.[11][12]
Security experts have long said that complexity is the worst enemy of security. The current landscape is rife with complexity, and the proliferation of spot security solutions and the lack of a cohesive risk management approach are only compounding the problems.
Securing the Technology Stack
A secure government technology infrastructure helps support the delivery of essential services. These span local public safety and national security to protect citizens, disease control and prevention to ensure health and well-being, and transportation to keep commerce moving. A strong, comprehensive cybersecurity strategy helps protect citizens’ personal data and government data simultaneously and enables users to conduct operations with more confidence.
Our experts at Intel believe the best strategy for cybersecurity is a proactive, end-to-end, zero trust approach that requires integration across people, process, and technology to address six key areas:
- Threat and risk management
- Data and application security
- Identity access management
- Network security
- Host and system security
- Supply chain security
The Importance of Hardware-Based Security
Hardware-based security capabilities can play a fundamental role in state, local, and federal government cybersecurity defense. They can help protect data and devices from the endpoint—which may be a laptop, security camera, drone, or other piece of equipment deployed in the field—through the network and to the data center and cloud.
Hardware-enabled security features are a cornerstone of Intel® products and technologies. We integrate security features into our products and create specific hardware and software to help secure data against cyber attackers. All Intel® products are also designed, manufactured, and maintained using the industry’s best security practices. Learn more about Intel® security.
With so many security functions included, one step toward enhancing the robustness of your current system is to periodically review your Intel® products to take full advantage of their capabilities as your security needs evolve to solve today’s problems and to drive future architectures.
PC Client Security
The Intel vPro® platform provides hardware-enhanced security technologies and fast, responsive performance for business computing. It includes features like Intel® Hardware Shield, which provides enhanced protections against attacks below the OS and advanced threat detection capabilities, including Intel® Threat Detection Technology (Intel® TDT) and Intel® Control-Flow Enforcement Technology (Intel® CET), both available on 11th Gen or newer Intel® Core™ processors, for increased platform security.
Intel® TDT is built into our silicon to enhance the solutions provided by independent software vendors. It enhances existing capabilities and improves the detection of cyber threats and exploits. Learn more by reading the Intel® TDT solution brief.
Intel® CET is designed to protect against the misuse of legitimate code through control-flow hijacking attacks—widely used techniques in large classes of malware. Intel® CET offers software developers two key capabilities to help defend against control-flow hijacking malware: indirect branch tracking and shadow stack. Indirect branch tracking delivers indirect branch protection to defend against jump/call-oriented programming (JOP/COP) attack methods. Shadow stack delivers return address protection to help defend against return-oriented programming (ROP) attack methods. These attack methods belong to a class of malware referred to as memory safety issues and include tactics such as stack buffer overflow corruption and use-after-free. For technical details, see A Technical Look at Intel’s Control-Flow Enforcement Technology.
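How the two Intel® CET checks described above behave, as a toy C model added here for illustration (not Intel code and not the hardware's actual implementation). The `struct cpu` layout, the function names, and the address values are assumptions constructed for the example.

```c
#include <stdio.h>
#include <stddef.h>
/* Toy model (an assumption for illustration, not Intel's implementation):
   code addresses are small indices; is_endbr[] marks the landing pads
   that an ENDBR instruction would mark in real code. */
enum { DEPTH = 16, CODE_SIZE = 8 };
enum cet_result { CET_OK, CET_FAULT_SHSTK, CET_FAULT_IBT };
struct cpu {
    size_t data_stack[DEPTH];   /* ordinary stack: writable by program bugs */
    size_t shadow_stack[DEPTH]; /* written only by CALL, checked by RET */
    size_t sp;
    int is_endbr[CODE_SIZE];
};

/* CALL pushes the return address on both stacks. */
static void do_call(struct cpu *c, size_t ret_addr) {
    c->data_stack[c->sp] = c->shadow_stack[c->sp] = ret_addr;
    c->sp++;
}

/* RET pops both copies; a mismatch is a control-protection fault. */
static enum cet_result do_ret(struct cpu *c) {
    c->sp--;
    return c->data_stack[c->sp] == c->shadow_stack[c->sp]
         ? CET_OK : CET_FAULT_SHSTK;
}

/* An indirect JMP/CALL must land on a marked pad. */
static enum cet_result do_indirect(const struct cpu *c, size_t target) {
    return (target < CODE_SIZE && c->is_endbr[target]) ? CET_OK : CET_FAULT_IBT;
}

/* One call/return; corrupt != 0 overwrites the saved return address first. */
static enum cet_result simulate_return(int corrupt) {
    struct cpu c = { .sp = 0, .is_endbr = { [0] = 1, [4] = 1 } };
    do_call(&c, 3);
    if (corrupt)
        c.data_stack[c.sp - 1] = 6; /* constructed memory-safety bug */
    return do_ret(&c);
}

int main(void) {
    struct cpu c = { .sp = 0, .is_endbr = { [0] = 1, [4] = 1 } };
    printf("clean ret=%d corrupted ret=%d\n",
           simulate_return(0), simulate_return(1));
    printf("branch to pad=%d, to non-pad=%d\n",
           do_indirect(&c, 4), do_indirect(&c, 5));
    return 0;
}
```

In the model, as in the description above, the shadow-stack check catches a changed return address at the return itself, and the branch-tracking check rejects any indirect target that is not a marked landing pad.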
To learn more about the security features available with Intel® Hardware Shield, read our Intel® Hardware Shield Overview white paper. For a detailed evaluation of the various Intel® Hardware Shield security controls relevant to federal and public sector security programs, download the Coalfire Intel vPro® security controls assessment technical white paper.
Beyond the robust, integrated security capabilities, Intel vPro® offers additional features to help reduce support time and costs, including Intel® Active Management Technology, which enables remote discovery and recovery capabilities, even in cases of power loss or OS failure.
Intel® Security Essentials
Intel® Security Essentials delivers a built-in hardware foundation of trust. This helps protect platforms and data and enables trusted applications without compromising performance:
- Intel® Trusted Execution Technology (Intel® TXT) creates isolated enclaves in which applications can run in their own space.
- Hardware-assisted acceleration of performance-intensive cryptographic operations forms the basis of platform trust and security functions.
- Protected data, keys, and identity help ensure encryption and storage for sensitive information at rest and in transport and help prevent misuse or disclosure.
- Platform integrity comes from a protected and verified boot process with hardware attestation.
It’s critical to protect endpoints from security threats. Intel supports edge security in several ways.
Internet of Things (IoT) Security
IoT security must be capable of covering hundreds or thousands of connected devices and the immense volumes of data they generate.
For context, according to a 2023 Statista report, there are an estimated 19.8 billion connected IoT devices in use worldwide, with the number forecasted to grow to 30.9 billion by 2025.[13] Additionally, by 2025, IDC predicts that the data volume from the global datasphere—all data created from endpoint to edge to data center—will reach 175 zettabytes.[14]
Intel advocates integrating security into IoT solutions, starting with the compute device itself. Advanced hardware and software can help prevent harmful applications from being activated on a device or from taking down a network.
We work with our partners in the IoT ecosystem to design solutions with security in mind. Intel® IoT Market Ready Solutions (Intel® IMRS) are scalable, repeatable, end-to-end solutions available now. They are designed specifically for healthcare, smart cities, and other public and private sector markets. Intel® IoT RFP Ready Kits help solve industry-specific challenges with bundled hardware, software, and support. OEMs, ODMs, ISVs, and distributors develop these kits on a foundation of Intel® technologies.
Intel® QuickAssist Technology (Intel® QAT) delivers a highly efficient network and software-defined infrastructure (SDI). It provides acceleration for security, authentication, and compression algorithms for high performance in data center and cloud systems. Accelerating SSL/TLS with Intel® QAT enables:
- High-performance encrypted traffic throughout a secured network
- Compute-intensive symmetric and asymmetric cryptography
- Platform application efficiency
Intel® QAT delivers performance across applications and platforms. This includes symmetric encryption and authentication; asymmetric encryption; digital signatures; RSA, DH, and ECC cryptography; and lossless data compression.
Data Center and Cloud Security
Government systems increasingly rely on cloud and virtualized infrastructure comprising virtual machines (VMs), containers, or both.
Intel® technologies, such as Intel® TXT, Intel® Security Libraries for Data Center (Intel® SecL-DC), and the recently announced Intel® Converged Boot Guard and Trusted Execution (Intel® CBnT), provide trusted infrastructure capabilities for cloud, virtualized, and containerized environments.
Intel® TXT and Intel® SecL-DC provide scalable security controls enabling trusted boot and attestation to the authenticity of the platform configuration, BIOS and OS/virtual machine monitor (VMM), and even guest environments. Intel® CBnT adds integration with Intel® Boot Guard to Intel® TXT to provide verified boot capabilities for servers.
Modern data centers built upon silicon-based trusted infrastructure are better able to consolidate servers, allow distributed virtualization, and support both private and hybrid clouds. In the data center, Intel® Software Guard Extensions (Intel® SGX) helps protect application integrity and data confidentiality, while Intel® AES New Instructions (Intel® AES-NI) speeds up data encryption to help protect data at rest and in transit without performance penalties.
Data centers powered by Intel® Xeon® Scalable processors help reduce costs while supporting cloud security.
Supply Chain Security
Today’s supply chains are overly complex, far flung, and dependent on other variables like speed and cost. Intel is committed to improving the integrity and traceability of Intel® products throughout their life cycles.
Compute Lifecycle Assurance (CLA) is an industry-wide effort that establishes an end-to-end framework to improve transparency from build to retire. CLA can help improve platform integrity, resilience, and security.
The Intel® Transparent Supply Chain (Intel® TSC) is a solution that relies on sets of policies and procedures implemented at our manufacturers’ factories. These enable our customers to validate where and when components of a platform were manufactured.
The Future of Cybersecurity
Cybersecurity is ever evolving to address developing threats while also supporting technological advancements to solve today’s most pressing challenges. Government institutions, public sector organizations, and technology companies alike are reexamining their approach to protective measures in security and privacy.
Intel is dedicated to working with our solution partners across the data ecosystem to develop secure and robust solutions that enable government and public sector agencies to secure their end-to-end operations and deliver safe and innovative new services to all citizens.