The public sector continues to be a target for criminals, hacktivists, and nation state-sponsored organisations, according to a new report.
The 2024 Public Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies from cybersecurity and managed security services provider (MSP) Trustwave shows that phishing is a leading threat in the public sector, responsible for a staggering 80 percent of initial access gained by attackers.
Local governments are the most vulnerable public sector entities to ransomware attacks, accounting for 60 percent of incidents.
“Breaches in the public sector extend beyond financial loss; they can be highly coordinated, malicious, multi-pronged digital and physical attacks,” said Trustwave global CISO Kory Daniels.
“We’ve observed successful attempts to disrupt critical systems and services while disorienting operations that citizens rely on every day. This includes telecommunications, healthcare, trademark and patent systems, transportation, citizen PII data, law enforcement, and national security. A successful attack can shake the very foundations of society, erode trust in government, and create a climate of fear and uncertainty.”
The report noted that the public sector faces “a unique cybersecurity challenge” due to a combination of factors. These include legacy systems, prioritising public service over security, fragmented IT infrastructure, vast amounts of sensitive data, siloed information, limited budget resources, complex regulations, and being a target for international actors.
“It’s particularly concerning how geopolitical motivations tap into the digital realm to perform espionage leveraging deepfakes, social media manipulation, and election interference,” said Daniels. “As citizens, we entrust the government with vast amounts of our personal information, which is why public-private partnership is critical for defending individuals, businesses, and the government itself.”
The Trustwave SpiderLabs report examines cybersecurity challenges facing the public sector globally, encompassing government institutions and essential public services.
Think Digital Identity and Cybersecurity for Government is almost here. Book your place here.
