What governments must learn about security from 2015


Palo Alto Networks LogoGovernments remain vulnerable to cyber attacks as they are an attractive target for malicious hackers and criminals. According to Palo Alto Networks, governments must learn from past events to harden their networks and reduce the risk of successful cyber attacks.

Pamela Warren, director, Government and Industry Initiatives, Palo Alto Networks, said, “Governments should use 2016 to course-correct by using recognisable patterns and paying greater attention to best practices to make sure defence strategies are agile.
“Every year Palo Alto Networks assessed application usage and threats seen our customers’ networks. We analysed some of the larger attacks against government networks and a number of trends jumped out.”

Key trends the 2015 included:

  • SaaS is everywhere and can be used as an attack vector
  • remote access application usage is growing, giving attackers easier access to networks
  • weaponisation of local, regional, or international events at speed is increasing
  • attackers continue to target partners, contractors, and other with ‘outside-in’ access to networks
  • macros have reappeared as attack methods.

Pamela Warren said, “Government agencies and critical national infrastructure are repeated targets. Using the cyber attack lifecycle as a guide, attackers often used either an exploit to a well-known vulnerability or malware in spear-phishing campaigns to establish their initial beachhead.”

To protect themselves governments must:

  • be proactive and agile
  • understand cyber ranks and processes, demand accountability, and test and evaluate to ensure teams are working together to address cyber security
  • gain visibility into what applications are running in the network, who is using them, and why
  • reduce the attack surface
  • account for the entire cyber attack lifecycle
  • integrate network security controls to improve threat prevention and reduce response time
  • use a zero trust approach even with slower than desired patch cycles in large  government networks and sophisticated attackers trying any opportunity to get in and move laterally
  • decrypt SSL communications
  • measure the controls in place to ensure active readiness.

Pamela Warren said, “Threat prevention is possible but too often we see organisations doomed to repeat the same mistakes. If government agencies can learn from the security events of the past, then they can harden themselves against future attacks.”