
The public sector plays a critical function in providing essential services to people across the UK. Part of the nation’s fabric, such organisations are vital and thus a popular target for cyber criminals. To protect valuable citizen data, public sector organisations should adhere to strict codes of conduct to safeguard sensitive information spanning central government, NHS, education, policing, military, and transport. But the threat is growing, and organisations are being notified about how impactful an attack could be. For example, with schools fully back for the Autumn term, the NCSC recently warned school leaders that the impact of a data breach at this time would be incredibly disruptive.
The increasing risk is worrying, especially for the tens of millions of citizens across the country who are at constant risk of having their personal details leaked or vital services disrupted. To keep essential national services running smoothly, then, there is a real need to ensure all public sector organisations are kept protected from the evolving myriad of threats.
A key target
Public bodies have long stood as formidable targets for cyber criminals. They are repositories of the most highly sensitive public information, which hackers can put up for sale on the dark web, or they can encrypt data to disrupt services and demand a ransom. Public sector attacks can be motivated by financial and/or political interests and are designed to create maximum disruption.
However, in August 2023 it was announced that the Metropolitan Police is investigating a suspected data breach after “unauthorised access” was gained to the systems of one of its suppliers. The third-party company held the personal information of officers and staff, leading to concern and stress among serving personnel. In the context of post-MOVEit recovery, it’s clear that supply chain attacks have become more common and are now beginning to seep into the public sector.
The ‘back door’ method
Put simply, what we are seeing is a type of ‘back door’ method being exploited by hackers, allowing them to target the data of all the other organisations that an organisation interacts with. Attackers look for weak points everywhere up and down the supply chain, seeking companies without the necessary guardrails in place, which can provide a way in.
The cybersecurity posture of third parties is therefore especially important to public sector organisations. The affiliate business could itself store citizen data, or it could simply act as a doorway into the public sector organisation’s own data sets. Many also tend to specialise in specific sectors, which means a breach can create disruption on a massive scale.
Strengthening the supply chain
The surging trend in high-profile attacks coming from third-party suppliers has increased the importance of cybersecurity in boardroom conversations. The Government’s recent Cyber Security Breaches Survey shows that larger organisations have become a key target over the last year. It also suggests that receiving messaging around supply chain risks helps organisations to take action in this area, pointing to a greater need for education around cybersecurity posture.
However, even with strict due diligence and ongoing conversations, there is only so much a public sector organisation can do to ensure the security of its supply chain, and that’s before we even consider dwindling and stretched resources. What they do have more control over, though, is their own posture: ensuring that data remains secured even in the event that a third party is breached, so that hackers aren’t able to infiltrate down the supply chain.

For example, hardware-based cybersecurity solutions are becoming crucial in the fight against cybercrime. The vast majority of cybersecurity solutions only tend to the external layers, and struggle to identify new threats that emerge every single day. When the physical layer is bolstered with AI’s self-learning capabilities, systems operate in an enclosed environment, which allows them to detect access attempts from rogue sources around the clock and close off pathways. In a threat landscape of perpetual uncertainty, solutions are out there which can protect data even in the event of a breach – a priceless outcome for organisations that store and exchange citizen data.
Considering the recent wave of attacks facing public sector organisations, it’s become a matter of when – not if – your organisation is at risk. This is coupled with the reality of there being no guarantee your supply chain is completely secure. In this context, public sector organisations should revisit their cybersecurity posture, smartly investing in solutions that provide a last line of defence that keeps us all safe.