Government and utilities organisations experienced a higher volume of attacks over the past 12 months compared to other critical national infrastructure (CNI) sectors.
The findings come from a report by security consultants Bridewell Consulting.
“With political motivation and nation-state-sponsored activity increasingly dictating cyberattacks, government agencies are extremely attractive, high-value targets,” explained Lydia Walker, senior lead consultant at Bridewell.
“We are seeing cyber war become a more common and a dangerous feature of international conflict, especially since Russia’s invasion of Ukraine. After all, it is cheaper and quicker to mobilise cyberattacks than it is to get boots on the ground. This puts UK government organisations in a particularly vulnerable position.”
Walker said there is also the issue of outdated legacy systems and infrastructure.
“Government budgets often do not stretch to modernising their own IT infrastructure, so keeping up to date is an issue for local government in particular. Legacy systems often cannot keep pace with the evolving cyber threat, so can be more vulnerable to successful attacks.”
Insider sabotage
The research showed that government is seeing the biggest risk from internal threats such as data theft or employee sabotage.
“Data theft is a huge risk for government organisations,” said Walker. “Nation-state actors go after information that can be used to assist a cyberattack, and government systems are treasure troves of information. For example, malware could be used to gain access to surveillance systems and exploit sensitive information for financial and political gain.
If you liked this content…
The US’ latest cyber alert is a wake-up call for the UK
Cyberattacks on water and electric utilities under attack
Ministers consider ban on ransomware payments for UK public bodies
The new government bring new opportunities in national cybersecurity
Too little, too late – Is the UK government failing to heed the cyber crisis?
“The threat of insider sabotage and espionage is always high across CNI organisations, but particularly within government. The practice of espionage hasn’t reduced since the Cold War and with rising tensions it brings about further risk to government organisations. Employees require privileged access to perform their jobs, so highly sensitive information is constantly at their fingertips. This information can be compromised, either accidentally or maliciously. And due to current workload and financial pressures, government employees may be particularly vulnerable to exploitation in the form of blackmail or the promise of financial gain.”
Cloud threat
The research also found that government organisations consider cloud services to be the most vulnerable attack route – over the compromise of digital and mobile channels or devices,
“With cloud technology, whether private, public or multicloud (hybrid), it introduces several third parties which could introduce further risks into the supply chain. Therefore, organisations need to fully understand their supply chain in order to minimise their risk profile, so government organisations must be cautious about who is ultimately hosting or looking after their data while providing that end-to-end service,” said Walker.
“As they update older systems, governments are increasingly moving towards cloud technology for cost and scalability reasons. That transition from legacy to cloud is risky, as organisations need to ensure the integrity and availability of data while also keeping systems online. The process must be really well managed; organisations should make sure they have the right skillsets in place to maintain the security of information when it moves to cloud due to the inherent accessibility that cloud services provide.”
People, processes and technology
When it comes to cyber resilience, government organisations need to think in terms of people, processes and technology, said Walker.
“People are key – we are all susceptible to the malicious tactics of cybercriminals, so continuous, high-level education in CNI is vital. Governments need to support the development of skills, particularly in the area of operational technology (OT).
“Technical controls are also crucial, but organisations must make sure they have the supporting processes in place to ensure that the technology operates effectively, and that information and systems are truly protected.”
