Governments need to reassess how they’re handling cyber attacks, according to Palo Alto Networks.
The company says government departments are an attractive target for malicious hackers and criminals, making them vulnerable to attack.
In order to avoid this, governments must learn from past events to harden their networks and reduce the risk of successful cyber attacks.
“Governments should use 2016 to course-correct by using recognisable patterns and paying greater attention to best practices to make sure defence strategies are agile,” explains Pamela Warren, director, Government and Industry Initiatives, Palo Alto Networks.
“Every year Palo Alto Networks assessed application usage and threats seen on our customers’ networks,” she says.
“We analysed some of the larger attacks against government networks and a number of trends jumped out.”
Key trends from 2015 include:
- SaaS is everywhere and can be used as an attack vector
- remote access application usage is growing, giving attackers easier access to networks
- weaponisation of local, regional, or international events at speed is increasing
- attackers continue to target partners, contractors, and others with ‘outside-in’ access to networks
- macros have reappeared as attack methods.
“Government agencies and critical national infrastructure are repeated targets,” says Warren.
“Using the cyber attack lifecycle as a guide, attackers often used either an exploit to a well-known vulnerability or malware in spear-phishing campaigns to establish their initial beachhead.”
To protect themselves governments must:
- be proactive and agile
- understand cyber ranks and processes, demand accountability, and test and evaluate to ensure teams are working together to address cyber security
- gain visibility into what applications are running in the network, who is using them, and why
- reduce the attack surface
- account for the entire cyber attack lifecycle
- integrate network security controls to improve threat prevention and reduce response time
- use a zero trust approach, even with slower-than-desired patch cycles in large government networks and sophisticated attackers trying any opportunity to get in and move laterally
- decrypt SSL communications
- measure the controls in place to ensure active readiness.
“Threat prevention is possible but too often we see organisations doomed to repeat the same mistakes,” Warren explains.
“If government agencies can learn from the security events of the past, then they can harden themselves against future attacks,” she says.