Governments around the world are continuing their efforts in establishing digital channels to provide online services to the public. They are increasingly using email, websites, and mobile apps to provide online services.
Denmark, for example, is among the global leaders in e-government and has made using digital tools mandatory for communication between its citizens and the government. Other countries are also using one-stop portals to provide transactional services and public information.
These digital channels, however, have become prime targets for hackers. Government portals can be vulnerable and many still fail to implement capable security measures to protect these channels. In 2019, local governments in Florida suffered from ransomware attacks due to poor security, with hackers demanding $1 million from Pensacola City in exchange for stolen documents.
As such, it’s critical for governments to invest in security measures to protect their portals from these evolving threats. Fortunately, governments are taking positive steps to do so. The local government of Tel Aviv in Israel recently partnered with odix to implement enterprise-grade malware disarm protection to protect its portals against malware and file-based attacks. Such measures are now crucial to prevent potentially catastrophic attacks from happening.
Government portals as targets
Government systems have shown to be vulnerable to various threats. Last 2019, at least 113 state and municipal governments and agencies were hit by ransomware attacks according to Emsisoft. Succumbing to such attacks can result in data loss, disrupted transactions, and network failures.
Aside from ransomware, government portals are also susceptible to data breaches. These portals typically process personal identifiable information including names, contact details, and social security numbers, which, when compromised can be damaging to citizens.
Residents of the city of Bend in Oregon who paid their utility bill online through the city’s payment portal recently have had credit and debit card information stolen when hackers successfully inserted a malicious code to the portal’s software. Their data can then be sold on the black market or be dumped online, exposing them to other cybercrimes such as fraud and identity theft.
Despite the rampant threats, numerous government websites still do not employ fundamental security measures. Only 4 percent of state government websites in the US passed two information security tests performed by the Information Technology and Innovation Foundation (ITIF) in 2018.
Malware and file-based attacks
Among the most common ways ransomware and other malware enter systems is through file-based attacks. Hackers look to deploy legitimate-looking files that contain malware within the network. Typically, this is done by tricking a person within the network to download and run email attachments or web downloads. However, in the case of government portals, users may be allowed to upload documents and media. Attackers can simply use these upload forms to send malware instead.
Hackers can also use polymorphic malware that can readily change certain characteristics to avoid detection by common anti-malware solutions. It can also circumvent validation mechanisms that check and whitelist certain file types.
Malware can cause damage in multiple ways. Ransomware, for instance, is a kind of malware that encrypts data and restricts user access until a ransom is made. A ransomware attack can force governments to halt operations and temporarily shut down their portals.
Other forms of malware not only use encryption but also data exfiltration in their attacks. Exfiltrated data can be sold to the black market or be stored and kept by hackers to later use them for other cybercrimes. Cybercriminals can also deploy malware that is designed to lurk in the network and do what it is designed to do.
Fortunately, governments can adopt capable security solutions such as odix to protect their portals from file-based attacks. odix uses a powerful technology called content disarm and reconstruction (CDR) that can perform stringent scans to files to effectively remove malware.
CDR is also more powerful than conventional antivirus and antimalware solutions. These tools are signature-based and can only detect malware with known signatures. This often renders these solutions useless in dealing with new malware variants and polymorphic malware.
Unlike conventional security tools, CDR is sophisticated enough to identify and remove such advanced threats. This is because CDR deconstructs and strips files of all suspicious codes and rebuilds the files so that these “sanitized” versions remain usable.
Using odix, governments can equip their servers with CDR to ensure that every file that enters their network is free of malware. Web developers can also use the solution’s API to leverage CDR and embed its file sanitizing process to other applications.
Governments must step up
As people increasingly rely on technology on a daily basis, governments will likely further develop their digital channels and provide more services online. While digital transformations can greatly benefit the public, they won’t be as valuable if they put data and identities at risk.
It’s inexcusable for governments to run portals that have poor security. After all, governments must always protect their people. It’s now time for them to step up and make the right investments to establish a robust security system that can protect their digital channels from modern threats.