For decades, nation-state attacks have caused serious havoc across the world, primarily targeting critical infrastructure such as power grids and industrial control systems, as well as government agencies, often disrupting operations and leaking sensitive information. In the past several years we’ve also seen these types of attacks target states and municipalities, including the voting and election infrastructure of the US and other nations. Most recently, we’ve seen attacks on application vulnerabilities.
According to the Center for Strategic and International Studies, there’ve been many attacks on applications and websites, including:
In February of 2019, the UN International Civil Aviation Organization revealed that in late 2016 it was compromised by China-linked hackers who used their access to spread malware to foreign government websites.
In August of 2019, China used compromised websites to distribute malware using previously undisclosed exploits for Apple, Google and Windows phones.
In October of 2019, a state-sponsored hacking campaign brought down more than 2,000 websites across Georgia, including government and court websites containing case materials and sensitive personal data.
In December of 2019, unknown hackers stole login credentials from government agencies in 22 nations across North America, Europe and Asia.
Cybersecurity companies all over the globe offer powerful security tools and procedures and have decades of experience navigating and preventing sophisticated attacks. We all just need to ensure that we’re putting them into place – everything from the network and firewall level down through the application and data layer. These steps aren’t complicated, and they don’t necessarily take years or months to implement.
While news cycles often focus on certain countries that tend to be at the forefront, nation state attacks are bigger than one country – it’s a worldwide problem with which we’re contending. Staying ahead of nation-state attacks is fundamentally a matter of taking the necessary steps seriously and using our vigilance to limit the impact of an attack when it happens.
How NTT Application Security can help
In light of these geopolitical and cybersecurity tensions, and the upcoming presidential election, we’re offering our resources, technology and services as part of our civic duty to defend the nation against sophisticated cyberattacks. We take the security of critical infrastructure and other systems seriously and have taken steps to help the public sector defend itself against rising nation-state attacks.
Specifically, we’re offering the following to government agencies at no charge:
WhiteHat Sentinel Dynamic, our industry-proven dynamic application security testing (DAST) solution. The cloud-based SaaS platform accurately and rapidly finds vulnerabilities in websites and applications throughout the software development life cycle (SDLC), including in production.
Sentinel Source Essentials Edition, our entry-level SAST product, which delivers a fast, automated service that scans application source code, identifies vulnerabilities and provides detailed vulnerability descriptions and remediation advice. The discovered vulnerabilities are prioritized according to severity, thus providing guidance on what should be remediated first.
For more information on protecting your organization against state-sponsored attacks and/or to take advantage of this offer, please our cyberattack hotline at 800-648-5113 or email us at email@example.com.