One might think that government agencies would have the most secure network defenses available, but reports have shown that they are just as vulnerable as those operated by private businesses. Federal, state and municipal departments have all been successfully targeted by cybercriminals. In addition to gaining access to government databases filled with valuable information including Social Security numbers and financial records, hackers have also been known to launch attacks designed to disrupt agency operability. A new study on cybersecurity in the U.K. found that although officials within local government agencies identified improving IT defenses as one of their top three priorities, approximately half of respondents said they lacked the funding to adequately address the issue.
Hackers target federal agencies
Large federal government agencies have had just as much trouble with their cybersecurity needs. Hackers using a drive-by attack method recently infiltrated the U.S. Department of Labor website. Security experts warned the pubic to avoid the site as its servers had been infected with malware as a result of the attack. The assault reportedly exploited a web browser vulnerability to execute malicious code directly to the website’s server. The malware then gathered various pieces of data and uploaded them to a remote location. Officials announced that they have since patched the vulnerability that allowed the hackers to access to their system.
One of the alarming aspects of this incident was the revelation that only two out of 46 antivirus scanners could initially identify the code as malware. After several programs updated their threat lists, that number rose to 15. Unfortunately, antivirus programs can only identify what they know, which means that new malware strains, sometimes known as zero day viruses, can easily elude their search protocols. In addition, if IT teams and individual users do not update their threat lists on a regular basis, their antivirus software programs will be far less effective over time.
Overcoming the limits of antivirus
Although antivirus software is a key component of a comprehensive data security plan, users should supplement network defenses with additional resources. Application control and whitelisting programs can be extremely useful for those who want to protect themselves against new or unknown malware strains. By establishing a list of which applications are authorized to run on their systems, users can prevent malicious code from bypassing their antivirus protocols and infecting their computers. Paired together, antivirus and application control software can provide concerned web surfers with a formidable defense against the threat of cybercriminals.