The last few years have witnessed seismic changes in the world’s political landscape and the way elections have been conducted. As of yet, there’s no conclusive evidence that the results and outcomes of a country’s election process have been impacted by the cyber efforts of internal or foreign agencies. However, all of the speculation and discussion around this subject has heightened the awareness of governments around the world that they need to ensure that the electronic systems and networks they manage are sufficiently secure and protected against any malicious activities, not just for elections, but at all times.
In the six months leading up to the November 2018 U.S. mid-term elections, Akamai worked with more than 20 state and county bodies to significantly enhance their existing security posture by deploying Akamai’s Enterprise Threat Protector service.
Enterprise Threat Protector is a cloud-based security service that can be deployed in less than 30 minutes, and is simple and easy to configure. All that was required to activate the service was for the state or county IT team to make a simple change to their existing Domain Name System (DNS) setup to forward its recursive DNS traffic to the Akamai Intelligent Edge Platform. Every single DNS request is checked against Akamai’s Cloud Security Intelligence (CSI) database to determine if the domain being requested is safe or malicious. If it’s safe, then the request proceeds as normal. If it’s malicious, then the request is blocked. This simple, but effective, layer of security at the DNS level blocks access to phishing, malware, ransomware, and DNS data exfiltration domains.
So what malicious activity did Enterprise Threat Protector detect?
Enterprise Threat Protector identified and blocked a significant number of attempts made by government employees to connect to phishing and malware sites. Of course, the employees were presumably not aware that clicking the link in the email they had received was malicious; as far as they were concerned, the email was legitimate.
In addition, Enterprise Threat Protector identified and blocked numerous command and control DNS requests made by already compromised devices that had not been detected until Akamai’s service was activated. Once a device is compromised, it uses DNS to connect to command and control (C2) servers to send back information about the device or to download additional malware. This is huge risk, as command and control traffic indicates that a network has already been breached.
“It’s been an excellent week. We’ve flagged some C2 traffic that I was able to stop and it’s been catching a massive amount of malware and phishing websites. We couldn’t be happier with Enterprise Threat Protector’s performance!” – County Electoral Body
One big challenge that state and county bodies have is that they often do not have visibility and control over all of the computers that are connected to their networks. This means they can’t install desktop anti-virus. Because Enterprise Threat Protector can be deployed without the need to install any software on the device, and nothing needs to be configured on the device, it’s an excellent solution for this scenario.
Reporting helps Reduce Remediation Time
“The reporting has been a fantastic add-on [to our system] that is helping us with our goal of complete security.” – Secretary of State
Another big challenge election officials face is that they may often have limited IT resources to deploy and manage security solutions. Enterprise Threat Protector is 100% cloud-based and requires no hardware or software to be installed. Once it is deployed and policies configured, it requires virtually no ongoing management. Enterprise Threat Protector provides automated alerts and reporting so that the IT team can quickly identify and remediate any compromised devices.
Try Enterprise Threat Protector on your network
“I can’t tell you how much pressure is put on us for election security. This doesn’t only give the appearance of security, it actually SECURES our network. We now have a multitude of security software put in place, but I overall like the concept of control from the DNS level the best.”
— Secretary of State
While the mid-terms are over, the next U.S. election is less than two years away. Now is a great time to deploy Enterprise Threat Protector on your network for 90 days to determine the state of your existing cybersecurity defenses. There’s no cost for this 90-day trial, and at the end of the trial period, Akamai will deliver a comprehensive security health check report.
To sign up for your free 90-day trial of Enterprise Threat Protector visit this page.
*** This is a Security Bloggers Network syndicated blog from The Akamai Blog authored by Jim Black. Read the original post at: http://feedproxy.google.com/~r/TheAkamaiBlog/~3/6pCmq9Ws__w/us-mid-term-elections-and-akamai-enterprise-threat-protector.html