Your agency might fight malware by “blacklisting” — blocking viruses and malware as soon as they’re discovered so they can’t get on the network.
The National Security Agency has developed a better — and more economical — approach. It’s a variation of “whitelisting,” which means applications are blocked until they they’ve been approved (or white-listed) by an administrator, Nextgov recently reported. Traditional antivirus programs block (or blacklist) software only after it’s been deemed harmful.
NSA’s version saves time by granting permissions based on where the applications open in a system.
Eric Chudow, a technical director for government mitigations in the NSA’s Information Assurance Directorate, joined In Depth with Francis Rose to discuss how the method works and the success the agency has seen with it.
Chudow also discussed how other agencies could implement the approach and how hackers may already be looking for ways around it.