The world’s leading operating system and a popular software program were recently found to have serious security flaws, enabling foreign hackers to breach U.S. State Department and White House computers and spy on foreign diplomats. Unclassified, but sensitive data was stolen from White House computers in particular.
According to Reuters, a leading U.S. security company, FireEye Inc exposed the flaws in Windows operating systems and Adobe’s Flash software. Microsoft is in the process of releasing a fix. FireEye said the flaw in Windows is less dangerous because ordinary computer users do not have the means to exploit the flaw. Adobe released a patch for Flash last week, a program enabling animations and designs on websites.
The group behind the attacks are said to have been active since 2007, targeting U.S. military contractors, NATO offices, and foreign government officials.
Security within government agencies is paramount as online attacks increasingly become more sophisticated. Many large corporations and government entities were the victims of widespread damage, from financial damages to leaks of classified material in highly publicized 2014 cybersecurity breaches. Governments, from the local to federal level, are increasingly having to stay one step ahead of potential threats. Luckily, certain third-party vendors specialize in identifying threats, protecting networks and the protection of data transmission. To best protect their data, governments need to always be alert to the newest security risks and have proper recovery procedures in the event of widespread, unexpected breaches.
Professionally trained and dedicated staffs can provide government IT solutions by helping identify potential risks and strengthen the infrastructure, such as firewalls and antivirus programs. Strong infrastructure and procedures can go a long way toward determining if an attack is successful, and how much recovery an agency will need to do in the event of a data breach.
It cannot be stated enough how important disaster recovery procedures are. Disaster recovery focuses on the IT and infrastructure side of things and can be broken down three different subsets: preventative, detective and corrective measures. Strong disaster recovery measures can lead to earlier detection of attacks and lessen the damages. These strong disaster recovery procedures will ensure government organizations will not lose operational function.
Disaster recovery is expensive. Costs vary, from constant development of the plan to the amount of hardware needed. Of course, the biggest cost is if there is no disaster recovery plan. A disaster, small or large, can cripple an unprepared government agency with no disaster recovery procedure.