As people start thinking about completing the upcoming United States census online, security concerns have emerged. While there are unique threats to the Census because of the impact it has on budgeting and government, these concerns tell us a great deal about the security concerns of doing business online.
Three important security concerns to keep in mind:
- Taking input of untrusted third-parties is one of the most dangerous things you can do in information technology. The fact is, one doesn’t need to blindly accept inputs from the entire world when there is really only a subset of people who need to respond. Blocking IP addresses from suspect geography can help, but more important may be to block tor, VPN servers and other anonymization services to help block against fake replies.
- One risk that has already been identifying is phishing. The Census has already registered over 100 Census related domains, but monitoring needs to be put into place to proactively identify new census-related domains and hostnames as they appear. One key protection is to block newly observed domains. Hackers usually start attacking once they use their infrastructure while most normal companies take time to develop their website and tools before operationalizing. This key difference helps ThreatSTOP proactively block attacks partnering with Farsight and RiskIQ for premium offerings to our DNS firewall.
- The key is quickly identifying suspect infrastructure and domains and turning them into blocks and prevention quickly. It is important to not just tell people about a threat, the threat needs to be automatically blocked. Intelligence that isn’t operationalized is just data.
Contact ThreatSTOP to see how we can protect your public facing properties to prevent bad data from infecting your operations. Our IP Defense and DNS Defense are designed to automatically identify and block threats, and now our partnerships with Farsight and RiskIQ let you level-up your protection with our new premium offerings.