The collective government sector, including state and local governments, municipalities, city councils, local law and federal, and other government entities continue to be a target for cyberattacks. Unfortunately, in 2021, there continue to be more cyberattacks, with more future threats on the horizon. According to a recent article on ZDNet, in 2020 the government sector had 16% of the total number of breaches for the year, which was higher than their 15-year average of 14%.
But why is the government sector a highly attractive target for cybersecurity threats; what makes this sector much more appealing than others? Here are some reasons.
WHY THE GOVERNMENT SECTOR?
Firstly, state and local government entities store vast amounts of vital and classified data to support the essential activities for their citizens. So cyberattacks that compromise this data can cause massive disruption, and takedown services many of us depend on. Secondly, government employees are heavily overworked with large task lists and constant reprioritization. This means they can be easily distracted and susceptible to attacks such as phishing attempts. Lastly, the government sector has a low level of cybersecurity readiness. There is insufficient funding, a lack of cyber awareness across constituents, and even today, a low number of IT staff that are knowledgeable enough to implement and maintain a high level of security.
Also, while there has been a significant increase in cyberattacks in the government sector, many officials are not aware of the need for cybersecurity and not supportive of it either. Shockingly, a surprising number of local governments do not know how often they are targeted.
These are plenty of issues for a government sector to become a target of the next cyberattack and cybersecurity threat.
WHAT ARE THE CYBERTHREATS?
Unfortunately, cybercriminals are not taking it easy on the unprepared, government sector, using current attacks and cybersecurity threats that still prove effective, with new tactics that IT teams are unaware of. Old-guard attacks like phishing and ransomware are not new, but the phrase, "If it isn't broken, why fix it?" has applied for cybercriminals as these attacks are easy to launch and are highly successful. In an overworked sector, threat actors abuse the human error that exists as many employees are missing cybersecurity awareness training. It only takes one person, who simply logs into a fake phishing site to cost the government agency thousands of dollars in damages.
Newer attacks like Multi-factor Authentication (MFA)-resistant phishing are some of the harsher future attacks that government agencies are not sure how to defend against. Over the past few years, cybercriminals have created phishing attacks that are able to circumvent MFA protections. These attacks are able to intercept more traditional authentication methods, such as SMS or emailed one-time passwords (OTPs).
Unique cybersecurity attacks on the government sector also include election interference and manipulation. Hackers, foreign governments, and cyber-activists have all been accused of interfering with presidential elections in recent years, creating a level of fear, uncertainty, and doubt in the outcome.
Government entities are faced with a barrage of security threats that come in all different forms and target different areas of their organizations. However, the fight is not over for the government sector.
STEPS TO IMPROVE CYBERSECURITY READINESS
While there is no "one size fits all" solution, there are immediate steps that any government entity can take to improve its cybersecurity measures.
REDUCE THE ATTACK SURFACE
Reducing the attack surface today is much more difficult as many employees are working from home in response to the COVID-19 pandemic. However, if government entities are aware of where cybercriminals could potentially access their systems and launch a cyberattack, then the appropriate protections can be implemented. Many entities are starting to look towards a Zero Trust architecture to protect and reduce their attack surface. Making sure to follow a "never trust, always verify" policy can ensure that the attack surface is greatly reduced, with all access requiring verification before it is provided. Implementing such controls as MFA for all employees and constituents 100% of the time is a first step towards implementing a Zero Trust architecture.
EDUCATE YOUR STAFF
Educating your staff on current and future threats is important to reducing successful attacks caused by human error. Investing in a strong cybersecurity awareness program can teach employees about phishing attacks, for example, and greatly reduce the number of stolen credentials and overall attacks. Additionally, the IT staff can also implement strong spam filtering solutions which can help reduce the threat of a phishing email appearing in one's inbox in the first place.
STRONG MULTI-FACTOR AUTHENTICATION
While there is MFA-resistant phishing, it is only resistant to more traditional forms of authentication, such as SMS OTPs. However, using stronger authentication methods, such as biometrics which cannot be stolen and are easy to use, combined with more advanced approaches such as contextual authentication, can prevent such cybersecurity attacks from happening in the government sector.
Overall, government entities are faced with an ongoing barrage of security threats from multiple directions which will require constant adjustments to their cybersecurity strategies to prevent.
To read more about cybersecurity in government and the best practices that can be implemented to prevent attacks, click here. If you have any questions feel free to contact us to see how our multi-factor authentication approaches differ from more traditional methods that are susceptible to attack.