What happens when attackers breach local government, police departments or public health services? These types of incidents happen regularly and lead to service interruptions at the very least. More serious problems could occur, such as leakage of classified data or damage to critical infrastructure.
What about the cost of a data breach for government agencies? According to the most recent IBM Cost of a Data Breach report, each public sector incident costs $2.07 million on average. In 2018, the U.S. government faced a total of $13.7 billion in costs due to cyberattacks. Governments at all levels and in every country are at risk. The stakes are high, and preparedness is essential.
While threat actors still prefer to target health care, financial and technology firms, there are over 90,000 government entities in the United States alone. Also, research shows that there is a knowledge and awareness gap in the public sector when it comes to security measures. This makes government offices attractive targets for cyber gangs.
With increased tensions, it’s likely that state-sponsored cyberattacks will also continue to increase. Given the rising threat to government agencies, the FBI released a special notification about the risk. It states: “Ransomware attacks against local government entities and the subsequent impacts are especially significant due to the public’s dependency on critical utilities, emergency services, educational facilities and other services overseen by local governments, making them attractive targets for cyber criminals.”
Still, if even specialist cybersecurity providers themselves aren’t immune to attack, how is a small government office expected to protect itself?
According to the FBI notice, the most common infection vectors against government entities are phishing emails, remote desktop protocol exploitation and software vulnerability exploitation. Threat diversification has also become a major concern. For example, the FBI states that actors have been:
- Using service-for-hire business models
- Sharing victim information among actor groups
- Using diverse extortion strategies and attacking access and data sources such as cloud infrastructure, managed service providers and software supply chains.
From The Shadows Emerges Knowledge