Unless you’ve been living under a rock, you’ve heard that cybercrime threatens small- to large-sized organizations across the globe. And not only are public sector organizations not immune, they’re a top target for hackers due to the volume of their proprietary data and access to confidential information.
Why do hackers target public sector organizations? They’re valuable targets in themselves, but just think about all the other valuable targets they interface with regularly:
• Federal agencies
• Local government
• The software supply chain
• Banking security
• Law enforcement
And more. Each of these intersections, taken in and of itself, needs top-of-the-line application security to ensure that sensitive data isn’t exposed or stolen. But when you combine them all together into one application ecosystem, you get a potentially massive attack surface for an ambitious hacker to exploit.
Data Security in the Public Sector
Data has become the primary target for cybercriminals across the world, but public sector organizations especially need to be aware of the risks. Data breaches are becoming more common even as governments and businesses work to improve security and protect sensitive information.
What’s more, most public sector organizations aren’t fully prepared to handle data breaches. According to government sources themselves, many agencies still do not have a formal plan in place for responding to breaches. They’re also often less likely than their private industry counterparts to have trained staff in place who can respond quickly to attacks.
Local government, in particular, has a lot of catching up to do. The lack of funding makes many state and local agencies reluctant to invest in security. And even when they do decide to take action, the sheer scale of their operations makes it hard for them to coordinate across departments and agencies.
The same limitations apply to any organization that works with public sector applications, where cybersecurity is often an afterthought. That’s why the 2018 cyberattack on Atlanta’s municipal government is so worrying. The city’s network was taken down by hackers who demanded $51,000 in ransom money, and the city was forced to pay it.
Why Target the Public Sector?
Many incorrectly perceive the private sector as the ideal target for cybercriminals, but that’s not actually the case. Public sector organizations are a prime target because of their access to sensitive data and high levels of trust from citizens.
The public is more willing to give data to those seen as authorities, and data is the stock in trade of cybercrime. Public sector organizations often hold, or have access to, government contracts, finance security, government employee personal information, and perhaps even a state secret or two. Cybercriminals can exploit all of these to commit identity theft or manipulate government officials.
Outdated Code Security
The public sector runs a lot of old hardware and software that the vendor no longer supports, so known vulnerabilities in that code never get patched. That makes it easier for cybercriminals to find holes in these systems and exploit them. The public sector is also slower to upgrade its software because it often has to buy more licenses than private companies do, so the cost is harder to justify. In many cases, the security of public sector systems is worse than that of private companies because the systems are not fully updated and maintained by their users. As a result, they are vulnerable to attacks from external sources.
Major Cyber Attacks On Public Sector Organizations
Data breaches, ransomware attacks, and other cybersecurity threats are far from new. However, what’s happening to public sector organizations is a new type of threat altogether. It’s a multi-level attack on the very foundation of governance.
Just a few years ago, a data breach at the U.S. Office of Personnel Management (OPM) exposed personal information for more than 21 million current and former federal employees, including those who applied for security clearance. The stolen data included Social Security numbers, birth dates and residency status, as well as the fingerprints of millions of people with security clearances; all of it was taken by an unspecified third party.
Just as serious are attacks on public sector organizations that work with the government, such as the ransomware attack on Allscripts Healthcare Solutions Inc., which affected more than 1,000 health care organizations across the country. The hackers demanded payment in bitcoin and threatened to leak personal data if it wasn’t made within 24 hours.
Such events can be crippling. Not just to the individual organization, but potentially to the nation as a whole.
Concrete Steps To Mitigate Risks to Cybersecurity in the Public Sector
Code vulnerabilities are at the root of the problem. Without adequate preventative measures, such as static application security testing (SAST) or security control assessments (SCA), each of which helps identify and mitigate known vulnerabilities, those flaws stay in the code for malicious actors to exploit.
Fortunately, there are indeed concrete steps that public sector agencies can take, such as:
• Implementing third-party vendor risk management processes. This is a way to ensure that vendors and contractors that provide services to public agencies only use secure applications and networks.
• Regularly updating the operating system (OS) on all devices. Public agencies can work with dedicated cybersecurity professionals to identify and test patches for any vulnerabilities present in their network, or even use a subscription security service.
• Implementing robust encryption and security protocols. That typically means working with cybersecurity experts to develop secure systems for the transmission of sensitive information and the storage of sensitive data.
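The third step above, encrypting sensitive data at rest, is the one most easily shown in code. The following Go program is an added example written for this page; it is not Kiuwan's code and the page does not describe any particular implementation. It assumes a 32-byte key supplied from outside the program (in practice a KMS or HSM, not a file next to the data), uses AES-256-GCM from Go's standard library so that every record is both encrypted and integrity-protected, and binds each ciphertext to a constructed context string (`hr-records/v1`) so a record copied into another table will not decrypt there. The sample employee record is constructed and contains no real data.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// NewKey returns a random 32-byte AES-256 key. In a real deployment the key
// comes from a KMS/HSM; generating it here only keeps the example self-contained.
func NewKey() ([]byte, error) {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	return key, nil
}

// Encrypt seals plaintext with AES-256-GCM and returns nonce || ciphertext || tag.
// A fresh random nonce is drawn per call, so encrypting the same record twice
// never yields the same blob. associatedData is authenticated but not encrypted;
// it ties the blob to its storage context (table, schema version, tenant).
func Encrypt(key, plaintext, associatedData []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	sealed := aead.Seal(nil, nonce, plaintext, associatedData)
	return append(nonce, sealed...), nil
}

// Decrypt reverses Encrypt and fails closed: any change to the nonce, the
// ciphertext, the tag or the associated data makes Open return an error, so a
// tampered or misplaced record is rejected instead of decrypting to garbage.
func Decrypt(key, blob, associatedData []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(blob) < aead.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	nonce, sealed := blob[:aead.NonceSize()], blob[aead.NonceSize():]
	return aead.Open(nil, nonce, sealed, associatedData)
}

func main() {
	key, err := NewKey()
	if err != nil {
		panic(err)
	}
	// Constructed sample record; the values are placeholders, not real data.
	record := []byte(`{"employee_id":"E-000123","ssn":"000-00-0000"}`)
	context := []byte("hr-records/v1") // constructed context label

	blob, err := Encrypt(key, record, context)
	if err != nil {
		panic(err)
	}
	plain, err := Decrypt(key, blob, context)
	fmt.Printf("round trip ok: %v\n", err == nil && string(plain) == string(record))

	// Flip one bit of the stored blob to simulate corruption or tampering.
	blob[len(blob)-1] ^= 0x01
	_, err = Decrypt(key, blob, context)
	fmt.Printf("tampered record rejected: %v\n", err != nil)
}
```

The design choice worth noting is the authenticated mode: plain AES-CBC would decrypt a modified record to different bytes without complaint, whereas GCM's tag check turns silent corruption into a hard error that can be logged and investigated.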
Development, Security, and Operations: Making DevSecOps a Priority
Public sector organizations are no longer immune to the threat of cyberattacks. In fact, many of these organizations are under attack on a daily basis. The volume of data that public sector organizations hold makes them a prime target for cyber criminals.
Cybercriminals take public sector organizations seriously, which means public sector organizations need to take cybersecurity seriously. The more sensitive the data that an organization holds, the more important it is to protect it from unauthorized access and breaches.
Kiuwan can help to identify code vulnerabilities and improve application security by providing visibility into your application’s source code and detecting security problems before they become critical issues. Contact us to learn how we can help you better manage your application risk today.