Protecting State and Local Government
State and local governments are heavily dependent on computerized systems, modern networks and the Internet for the transmission, exchange and storage of information, engaging in financial transactions with citizens and suppliers of goods and services, and automating critical services.
They are custodians of citizen information, including personally identifiable information (PII), tax and property records, medical information, credit card data, voter registration, and court and prison records.
States and municipalities, from suburban towns of a few thousand people to large cities, offer online services to its citizens, such as payment of taxes, fees and fines, motor vehicle registration, and enrollment in public programs.
And they are all potential targets.
Cyber attacks on state and federal databases are "one of the nation's greatest emerging threats," warned Maryland Gov. Martin O'Malley during a panel at the 2011 National Governors Association (NGA) meeting. And, at the same event, the chairman of the Multi-State Information Sharing and Analysis Center said that three-quarters of states had recently reported data security breaches.
States and municipalities are attractive targets for cyber criminals. They are entrusted with large numbers of the type of sensitive records that have great value on Internet black markets. Their security programs and controls, particularly in smaller locales, may not be as robust as many in the commercial sector. They may not consider themselves potential targets, but there have been numerous examples of data breaches, and alarmingly, fraud. A number of local governments, like many small businesses, have been victims of stolen bank account credentials; municipal accounts have been fleeced of millions of dollars.
Critical emergency services can be disrupted. In November 2011, a malware attack disabled the automated response system of a New Zealand ambulance company serving 90% of the country's population. Digital emergency systems, VoIP systems used for critical communications, are all vulnerable.
State and municipal services are also at risk from distributed denial-of-service (DDoS) attacks, which could disrupt websites on which governments and their citizens have become dependent. Critical services can be interrupted and revenue lost as a result of a DDoS attack perpetrated by hactivists with a political or ideological agenda, malcontents with a grievance (real or perceived), or someone who perpetrates a completely wanton attack.
Corero's Security Solutions
Corero's Intrusion Prevention System (IPS) and DDoS Defense (DDS) lines of products provide highly effective network security for states and municipalities against:
- Malicious content attacks aimed at stealing vital and sensitive information and/or disrupting critical systems
- DDoS attacks that can disrupt access to vital agency services
- Unauthorized access to sensitive, privileged and/or classified information
Corero's unique protocol behavior analysis enables its IPS to detect and block malicious content, even previously unidentified zero-day exploits.
Corero’s First Line of Defense® is an organization’s new perimeter. It stops the latest breed of cyber-attacks, including DDoS attacks, zero-day exploits, remote exploit insertions, server targeted threats and access attempts from malicious IP addresses and unwanted geo-locations, all of which easily bypass traditional network security defenses and compromise enterprise networks.
Intrusion Prevention System
Corero's Intrusion Prevention System (IPS) provides continuous, comprehensive protection against external attack, leveraging unique technology that discerns between legitimate and malicious traffic, providing more accurate detection and fewer false positives than other IPS products. Corero uses stateful protocol inspection and inspection of payload data files to determine if suspect traffic is behaving correctly or represents a threat.
Corero IPS features bidirectional traffic inspection, enabling detection of infected computers communicating with their command-and-control servers or participating in botnet attacks. The ability to monitor and analyze outbound traffic helps identify computers that may be part of an APT attack, whether they have been compromised by a zero-day exploit or exploited by a known attack through an unpatched vulnerability.
Corero solutions provide a high level of visibility into network activity, and helps meet audit requirements through its Network Security Analyzer (NSA), a security information and event management tool. NSA provides robust and highly flexible logging, reporting and forensics capabilities.
And, Corero's IPS provides proper auditing, monitoring, logging, and reporting of security events for rapid identification and response to a material event, and forensic analysis.
DDoS Defense System
Corero's DDoS Defense System (DDS), leveraging Corero's award-winning technology, delivers nondisruptive protection from attack against the networks and servers that support state and municipal online services. It provides maximum protection for critical IT assets, detecting and blocking malicious traffic while allowing full access to legitimate users and applications. DDS keeps government sites up and available at full service levels.
Corero's DDS delivers unmatched DDoS attack detection and mitigation against both the well-known network layer flooding attacks and the more insidious application layer attacks that are nearly impossible to detect without patented Corero technology. The DDS delivers on-premises protection that traditional network security technologies, such as firewalls and other vendors' IPS's cannot. And Corero provides a level of security that goes beyond dealing with DDoS by simply buying more bandwidth, which is expensive and useless against application-level attacks. "Clean pipe" and "black hole routing" techniques that may be used by your ISP or cloud anti-DDoS provider are not as effective as dedicated Corero on-premises solutions and are blind to insidious application layer attacks.
In concert with the DDS, SecureWatch PLUS DDoS defense configuration/implementation, 24/7 monitoring and incident response services provide the most comprehensive DDoS defense available on the market.
State and local governments can deploy both the Corero DDS and IPS solutions inline in full confidence that they will maintain full levels of performance and service. Corero appliances offer the lowest latency and highest reliability of any security products available on the market today. Corero's Core Platform, built on the purpose-built Tilera multicore processor architecture and CoreOS, provides real-world protection at real-world performance levels.
