For decades, nation-state attacks have caused serious havoc across the world, primarily targeting critical infrastructure such as power grids and industrial control systems, as well as government agencies, often disrupting operations and leaking sensitive information. In the past several years we have also seen these attack types target states and municipalities, including the voting and election infrastructure of the United States and other nations. And most recently, attacks on application vulnerabilities.
According to the Center for Strategic and International Studies, there have been many attacks on applications and websites, including the following:
- In February of 2019, the UN International Civil Aviation Organization revealed that in late 2016 it was compromised by China-linked hackers who used their access to spread malware to foreign government websites.
- In August of 2019, China used compromised websites to distribute malware using previously undisclosed exploits for Apple, Google and Windows phones.
- In October of 2019, a state-sponsored hacking campaign brought down more than 2,000 websites across Georgia, including government and court websites containing case materials and sensitive personal data.
- In December of 2019, unknown hackers stole login credentials from government agencies in 22 nations across North America, Europe, and Asia.
Cybersecurity companies all over the globe offer powerful security tools and procedures and have decades of experience navigating and preventing sophisticated attacks. We all just need to ensure that we’re putting them into place. Everything from the network and firewall level, down through the application and data layer. These steps are not complicated, and they don’t necessarily take years or months to implement.
And while news cycles often focus on certain countries that tend to be at the forefront, nation-state attacks are bigger than one country – it’s a worldwide problem of which we’re contending. Staying ahead of nation-state attacks is fundamentally a matter of taking the necessary steps seriously and using our vigilance to limit the impact of an attack when it happens.
How WhiteHat Security Can Help
In light of these geopolitical and cybersecurity tensions, and the upcoming presidential election, the WhiteHat Security team is offering its resources, technology and services as part of its civic duty to defend the nation against sophisticated cyberattacks. WhiteHat takes the security of the Country’s critical infrastructure and other systems seriously and has taken steps to help the public sector defend itself against rising nation-state attacks.
Specifically, WhiteHat is offering the following to government agencies at no charge:
- WhiteHat Sentinel Dynamic, the company’s industry-proven dynamic application security testing (DAST) solution. The cloud-based SaaS platform accurately and rapidly finds vulnerabilities in websites and applications throughout the software development life cycle (SDLC), including in production.
- Sentinel Source Essentials Edition, WhiteHat’s entry-level SAST product, which delivers a fast, automated service that scans application source code, identifies vulnerabilities and provides detailed vulnerability descriptions and remediation advice. The discovered vulnerabilities are prioritized according to severity, thus providing guidance on what should be remediated first.
For more information on protecting your organization against state-sponsored attacks and/or to take advantage of this offer, please contact WhiteHat Security’s cyberattack hotline at 800-648-5113 or email us at [email protected].