Cyberattackers are increasingly targeting large public sector organisations in search of big paydays.
According to cybersecurity company Check Point, government organisations around the world are now second only to the education and research sectors as a target for threat actors.
The group noted that public sector organisations frequently possess high-quality and confidential data. This makes them attractive targets – once the hackers have this data, the organisations can be extorted or the data sold on.
“If a group of bad actors was to steal thousands of people’s credit card details by hacking into a private organisation such as a bank or online retailer, they’d fetch around $20 per record if auctioned off on the dark web,” the company said.
“If, however, the same group were to attack an NHS trust in the UK and steal individuals’ medical information, their potential profit would soar and net them more than $480 per record.”
Furthermore, with the pandemic making in-person and in-office working impossible, many public-sector organisations had to rely on their digital infrastructure, much of it outdated and insecure.
Check Point added that the way public sectors store their data, in massive data siloes, means that once a hacker accesses a network, they can quickly gather huge volumes of data.
Compounding this problem is a lack of resources. Cybersecurity analysts at Check Point found that a quarter of public sector organisations have just one staff member responsible for cybersecurity.
In addition, more public sector groups outsource their basic security functions than the private sector – over 95% outsource their firewall configurations; more than 80% rely exclusively on third parties for incident response and recovery; and 48% even outsource the control of internal user admin rights.
Ultimately, Check Point said a lack of budget to boost cybersecurity and prevent attacks is harming these organisations.
“The public sector is, almost by definition, reactive instead of proactive when it comes to digital transformation. It’s there to serve, not to profit, and this leaves it vulnerable by default,” the company said.
- DIGIT Expo | Working to everyone’s strength with neurodiversity
- Openreach to invest £95m in Scottish broadband
- Innovative ‘DogPhone’ helps pet owners tackle separation anxiety
The group cited the major SolarWinds attack earlier this year as an example. While SolarWinds is a private company, its software is used by thousands of third parties. As such, the hack affected major public sector institutions, including NATO, the UK government, the European Parliament, and the US Treasury.
“While the devastating SolarWinds ‘sunburst’ attack made headlines in 2020 for its impact on private corporations like Cisco, Microsoft and thousands of customer organisations, there’s a good chance much of it was collateral damage in pursuit of an increasingly lucrative target: the public sector,” Check Point stated.
Scotland has not been immune to these attacks. The Scottish Environmental Protection Agency (SEPA) was hit by a major ransomware attack in December 2020, which the group blamed on organised cybercriminals.
The attackers stole around 1.2GB of data and locked the group’s employees out of its systems. Even months afterwards, it was still recovering data and reactivating its services.
SEPA did not respond to the attackers’ ransomware demand. This saw the stolen data released online, which included information related to business and the group’s staff.
In the aftermath, SEPA has begun building a new IT system from scratch.
Get the latest news from DIGIT direct to your inbox
Our newsletter covers the latest technology and IT news from Scotland and beyond, as well as in-depth features and exclusive interviews with leading figures and rising stars.
We will keep you up to date on the pivotal issues impacting the sector and let you know about key upcoming events to ensure that you don’t miss out on what’s going on across the Scottish tech community.
Click here to subscribe.