Governments vulnerable to attack, says Palo Alto Networks

20 Apr 16

Governments need to reassess how they’re handling cyber attacks, according to Palo Alto Networks.

The company says government departments are an attractive target for malicious hackers and criminals, making them vulnerable to attack.

In order to avoid this, governments must learn from past events to harden their networks and reduce the risk of successful cyber attacks. 

“Governments should use 2016 to course-correct by using recognisable patterns and paying greater attention to best practices to make sure defence strategies are agile,” explains Pamela Warren, director, Government and Industry Initiatives, Palo Alto Networks.

“Every year Palo Alto Networks assessed application usage and threats seen on our customers’ networks,” she says.

“We analysed some of the larger attacks against government networks and a number of trends jumped out.” 

Key trends from 2015 include:

  • SaaS is everywhere and can be used as an attack vector
  • remote access application usage is growing, giving attackers easier access to networks
  • weaponisation of local, regional, or international events at speed is increasing
  • attackers continue to target partners, contractors, and others with ‘outside-in’ access to networks
  • macros have reappeared as attack methods.

“Government agencies and critical national infrastructure are repeated targets,” says Warren.

“Using the cyber attack lifecycle as a guide, attackers often used either an exploit to a well-known vulnerability or malware in spear-phishing campaigns to establish their initial beachhead.” 

To protect themselves, governments must:

  • be proactive and agile
  • understand cyber ranks and processes, demand accountability, and test and evaluate to ensure teams are working together to address cyber security
  • gain visibility into what applications are running in the network, who is using them, and why
  • reduce the attack surface
  • account for the entire cyber attack lifecycle
  • integrate network security controls to improve threat prevention and reduce response time
  • use a zero trust approach, even with slower-than-desired patch cycles in large government networks and sophisticated attackers trying any opportunity to get in and move laterally
  • decrypt SSL communications
  • measure the controls in place to ensure active readiness.

“Threat prevention is possible but too often we see organisations doomed to repeat the same mistakes,” Warren explains.

“If government agencies can learn from the security events of the past, then they can harden themselves against future attacks,” she says.
