Software vulnerabilities and the security technologies to protect against them evolve daily. At Untangle, we stay on top of these changes to ensure that our NG Firewall incorporates the latest threat prevention and network management capabilities. Once a new build is tested and ready, it can be applied automatically to your deployment without any human interaction. Learn more about automatic upgrades on the Untangle Wiki.

Bug Fixes

Each release includes dozens of bug fixes to address issues that often arise from changes in external software. These fixes ensure smooth operation and continuous Internet access for your networked devices.

Security Updates

The table below outlines some of the core components that receive security updates with most releases.

Network Management & Connectivity Enhancements

The following rollup outlines some of the recent and noteworthy enhancements to Untangle NG Firewall. Customers with a valid subscription and automatic upgrades can take full advantage of these recent additions.

Previously, cybercriminals used to ignore local sectors like state/municipal governments and first responders to go after larger targets. Now, cybercriminals and hackers are getting more interested in smaller businesses and organizations who often have fewer security measures in place. As a result, state and municipal governments are being attacked more often.

Unfortunately, according to the 2017 US State and Federal Government Cybersecurity Report, government organizations are among the bottom performers in overall industry security ratings (only above telecommunications and education). As local governments constitute a big portion of the overall national infrastructure, it’s becoming more critical to pay attention to the security vulnerabilities of these smaller, often less-secure, entities.

Why Hackers Target State and Local Governments

As corporations started to implement preventive measures to stop cybercrimes, it became harder for hackers to penetrate corporate firewalls. But smaller organizations like state and local governments still provide easy opportunities due to the following reasons:

Lack of Security: Many state and municipal agencies (libraries, police departments, county courthouses) are often under-resourced. They also don’t have the necessary IT security expertise on-staff to implement a comprehensive strategy, making it difficult for these organizations to prepare for cyber attacks. Furthermore, many agencies don’t prioritize possible infrastructure threats. Security takes a back seat to more pressing matters.

Lack of Funding: Agencies often lack the funding to purchase preventive solutions like the latest antivirus software or firewalls. In the case of budget cuts, security measures are often first to go. This leads to a target-rich environment for hackers.

Private Information: Government offices are rich sources for finding sensitive and personal data. Their networks can also be the gateway to federal databases. So more hackers and cybercriminals are launching attacks focused at states and municipalities.

The Risks of Infrastructure Vulnerabilities

The small-scale attacks on local infrastructure can have enormous consequences. The recent attack on the city of Atlanta serves as a cautionary tale. Hackers used a malware called SamSam to ask the city of Atlanta for a $50K ransom. Even though it’s not clear if the city paid, the hackers didn’t remedy the situation. The city had to recover on its own–to the tune of $2.6 million.

But cybercriminals are not the only concern for state and local infrastructure. Local government officials should also be aware of the effects of various policy changes. For example, the repeal of net neutrality has created new challenges. During the recent California wildfires, Verizon throttled the network bandwidth of the fire department, even though the department asked for an exemption. It created a communication crisis for first responders during the emergency, leaving lives and property at risk. As a result, the fire department has filed a case against Verizon.

How to Protect Government Networks

For local governments, the solution to various infrastructure problems is preparation. Here are some steps to take:

Train Employees: Organizations think that cyber attacks are sophisticated. Yet, in many cases, hackers gain access to network infrastructure through social engineering. They use simple techniques like phishing emails and physical visits to local offices. Organizations should train their employees to recognize these scams to help prevent a large number of attacks.

Security and Recovery Plan: Sooner or later every organization will have to deal with a cyber attack. So state and municipal agencies should invest in high-quality solutions like firewalls and anti-malware. They should create backup and recovery plans to get systems up and running after an attack to minimize productivity loss. It’s also a good IT practice to run regular security drills to prepare for catastrophic situations.

Offsite Data Backups: Previously, only enterprise-level corporations with deep pockets could afford data centers for offsite backups, but cloud computing has made offsite data backups affordable for organizations of all sizes. Agencies should take advantage of this new resource. Many backup and recovery services utilize both local and remote storage to help minimize risk. In the age of ransomware, agencies skip backups at their own peril.

Taking Government Protection to the Next Level

As a state or municipal government official, you have a heavy burden on your shoulders. You are responsible for the future security of this country. Untangle has helped a lot of small and large organizations secure their infrastructure. Learn about how NG Firewall has helped Lancaster County Government and the City of Bridgeton secure their infrastructures. For a live demo of Untangle, contact us today.

References:
Link 1, Link 2, Link 3, Link 4, Link 5, Link 6, Link 7, Link 8, Link 9, Link 10

Many decision-makers are seeking solutions that can address the pain points these organizations have faced. But what, exactly, do hotels need from their security solutions?

The current environment: Breaches and mistrust

Hotels have an uphill battle when it comes to their network security. Much of this is due to the current threat environment and increasing cybercriminal activity, which has bred mistrust among customers:

• Early last year, the Federal Trade Commission published an article that finally confirmed what travelers have feared for a while now – the often vulnerable nature of many hotel Wi-Fi networks.

“Hackers are using security vulnerabilities in hotel Wi-Fi to steal people’s passwords and other sensitive information,” the FTC stated. “Here’s how it works: [A]s a hotel guest, you try to get online using their Wi-Fi network and get a pop-up for a software update. But the network has been compromised. When you click to accept the download, you unknowingly load software designed to damage your computer or steal your information.”

• What’s more, a recent large-scale breach affecting a number of well-known hotel chains demonstrates the seriousness of the current threat environment. Skift reported that 20 HEI Hotels properties were impacted, including the Marriott in Boca Raton, Florida, and The Westin in Washington, D.C. This caused the payment card information of tens of thousands of customers to be compromised.

Due to this landscape, it is in hotels’ best interests to ensure that their networks, the online activity of their visitors and the payment card information of their customers are properly secured.

Essential network security features

There are a few critical security features that hotel decision-makers should seek out within their network security solutions. These include:

• A state-of-the-art firewall: This asset is an imperative part of ensuring that only authorized users have access to network resources. With a next-generation firewall in place, the hotel can be assured that malicious actors and hackers are effectively kept out of the network underpinning the Wi-Fi as well as the hotel’s point-of-sales system.
• Advanced filtering: The right filtering capabilities can help ensure that the FTC’s example above doesn’t take place within your hotel. Filtering means the hotel has complete control over the traffic traversing its network, and can work to prevent malicious advertisements, spam messages and unsafe websites.
• Robust management: A best-in-class network security solution will also allow for complete management of network resources, including the ability to create different policies for specific user groups. Within a hotel setting, this means that managers will have access to all the information they need and unauthorized access to sensitive information is prevented.

Network security is imperative for today’s hotels, as is selecting a solution that can provide you with everything your hospitality business needs. To find out more, contact Untangle today.