By Zac Amos, Features Editor, Rehack.com.
Ransomware attacks on public sector organizations have skyrocketed over the past couple of years, threatening governments and communities. What is driving this dangerous increase? Cyber attacks rose sharply during the onset of the COVID-19 pandemic in 2020 and have only continued to gain momentum. Understanding the factors at play in this situation will help public sector officials build new security strategies.
The public sector as a prime target
To those looking in from the outside, public sector organizations may seem like an odd target for cyber attacks. Why wouldn’t a hacker go after a big, wealthy business instead, where they might profit more? The answer is leverage.
Hackers know that public sector organizations have much to lose if their systems go offline or if their data is compromised. Victims are in a position where they are almost forced to pay ransom fees. If they refuse, they face the criticism and suffering of their constituents, whose data and even livelihood may be at risk of compromise. As a result, public sector ransomware attacks are surging, with an increase of 917% in June 2021 alone.
A county government office might not have as much money to lose as a big-box store, but it is more likely to comply with ransomware demands. Large corporations also tend to have more financial resources to funnel into security, so many black hat hackers may see the public sector as a technologically less sophisticated target.
How ransomware impacts the public sector
Ransomware attacks are some of the most destructive and alarming cyber threats today. Even the weakest ransomware can result in costly downtime, reputation damage and setbacks from destroyed or compromised data and systems. In the public sector, this can translate into severe damage to critical infrastructure and networks that impact the lives of thousands or even millions of people.
For example, attacks throughout 2021 resulted in seriously dangerous situations for public sector organizations. Ransomware at one county jail took security systems completely offline and knocked out internet access. A courthouse in a different county was hit with an attack that resulted in compromised personal data about county residents, which was displayed on the dark web when the ransom went unpaid. In May 2021, a ransomware attack on Ireland’s health care system took hospital computers offline for over a week.
The situation has escalated to the point where ransomware-as-a-service is becoming a booming business around the dark web. RaaS is a growing market of easy-to-use ransomware kits that hackers can access for a simple monthly fee, like an illegal subscription service. These kits make it alarmingly easy for the most novice of hackers to attack major public sector organizations. Some kits are specifically designed for targeting the public sector.
Strategies for defending the public sector
The situation can certainly seem grim, but there is hope for public sector organizations. Ransomware is not a new kind of cyber threat. Security simply needs to evolve to adapt to it. In fact, this can be surprisingly easy. Ransomware can’t do any damage if it can’t get inside public sector systems to begin with.
A critical first step will be for the public sector to advance widespread employee awareness around security and cyber threats. An estimated 91% of cyber attacks start with phishing emails to unsuspecting individuals. The rate of successful public sector ransomware attacks could drop dramatically if employees are trained to recognize suspicious messages. Security training should also include courses on identifying ransomware on devices so if a device is infected, it can be caught early on.
Public sector organizations will need to strengthen their security teams as well. Now is the time to bring in a white hat hacker; someone with close knowledge of how these attacks are carried out. White hat hackers help prepare for and defend the organizations against cyber threats. A responsive security team will have strategies to protect sensitive information and multiple levels of protection for government data, such as multifactor authentication and advanced encryption.
Stopping public sector ransomware
Cyber attacks are not going away any time soon. The reality is that hackers will continue to take advantage of public sector organizations until concrete, widespread change occurs. Agencies must adapt to put an end to these attacks. Advanced security policies and cutting-edge tactics are the key to next-generation defenses for public sector cyber security.
For more CyberTalk.org insights contributed by Zac Amos, click here. Lastly, to receive more cutting-edge cyber security news, best practices and analyses, please sign up for the CyberTalk.org newsletter.