Government Encourages Application Whitelisting to Boost Security Against Russian Hackers
On March 15, 2018 the U.S. government made a statement confirming the U.S. power grid had been compromised by the Russians. Unsettling news, to say the least. Whitelisting application software for cybersecurity could help prevent the attacks on the grid infrastructure.
Although, various news outlets report no damage was done, they believe the primary goal was to send a message. It appears this was a Russian power tactic. Russia wants the U.S. government to know, if they want to do significant damage to our power grid, they could.
How to protect the power grid?
Now, the United States Computer Emergency Readiness Team (US-CERT) is encouraging government agencies, as well as businesses to implement application whitelisting technology.
This helps to avoid falling victim to similar attacks. By utilizing an application whitelist, only known safe programs are able to execute. This method of malware defense is far more effective in blocking malware infections than alternative approaches.
Along with whitelisting, IT professionals should be ensuring staff updates all third-party applications, programs, and operating systems. Often times hackers exploit known vulnerabilities that are left unpatched by outdated systems.
Therefore, by ensuring these updates take place in a timely manner, systems will remain increasingly secure.
How Whitelisting Cybersecurity Can Prevent Hacker Attacks?
Whitelisting application protection stops hackers from running their malicious scripts on a computer or network. Cyber security experts who advise federal agencies now recommend using whitelisting to defend networks and data against hacker attacks.
Many socially-engineered and targeted attacks like the Russian cyber attack on the US power grid makes them difficult if not impossible to defend against.
Subsequently, cyber criminals gain unauthorized access to the network. They may use leaked passwords, or trick an authorized user into clicking on a malware link.
As a result, whether in an IT or Operations Technology department, malicious scripts give the attackers the keys to breach the network.
After that, they encrypt or steal the data. Using Whitelisting application cybersecurity helps to prevent attacks by never allowing the scripts or ransomware to run in the first place.
In many cases, malware is part of a completely new or unknown software application. Since the new software is not yet on the whitelist, a company’s cyber-protection increases because it will be blocked.
Whitelisting solutions prevent such attacks like those on the US power grid from working, because the new malware program never makes it on to the approved list.
Another interesting aspect of Russian or Eastern European cyberthreats is the use of a do-not-install list of countries. Those include Russia and the old Soviet-satellite countries like the Ukraine where many of the hackers live.
For more cyber security tips from the US-CERT, click here.
To read more about Russian Hackers targeting the USA.
1,158 total views, 1 views today