Cyber attacks happen for a myriad of reasons, like any other sort of crime, and many of the motivations are the same: profit, a desire to create chaos, and access to power or information, to name a few.
Public sector organizations tend to be subject to more cyber attacks than many other industries, in part because they check all of those boxes. With threats coming from so many different directions, solutions also require a multi-faceted approach.
The Bigger They Come
An old proverb states, “the bigger they come, the harder they fall,” and indeed larger fish make a bigger splash. That’s why phishing schemes targeting “big fish” earned the name “whaling.”
Unfortunately, even smaller organizations with ties to big public sector organizations can seem “big” in the eyes of a predatory cyber attacker. But that’s just one of the reasons public sector organizations look like big targets. Other reasons include:
- High-profile: hitting the public sector can mean big press.
- High-dollar: many public sector organizations have access to public resources.
- High-volume: the tempting possibility of tapping into larger connections.
- Breadth: the collaborative, cooperative nature of public and private institutions makes their systems a broad target.
- Inside scoop: the value of information, particularly information not broadly available, yields higher rewards on the cyber black market.
- Low security: many public sector organizations lack adequate IT support.
- Outdated systems: old hardware or outdated, unsupported software makes it easier to use older exploits with only minor modifications.
Examples of exploits of this nature have been making headlines left and right. The Democratic National Conference and Hillary Clinton’s email hack likely stemmed from a successful spear-phishing campaign. An unnamed Pentagon official fell for a social media scam. Even the massively widespread WannaCry ransomware attack, possibly the largest in internet history, preyed on organizations with outdated software.
These are the types of attacks to which public sector organizations are particularly vulnerable.
Cyber Threat Intelligence
Attacks of this kind do not always receive the publicity of something like WannaCry, and they do not cross the horizon like an amassed foreign army: they come in like a thief in the night or a Trojan horse.
Federal governments tend to be inadequately armed to battle that sort of army. In the United States, at least, the Trump administration has issued a Cyber Security Executive Order placing responsibility for cyber security with the head of each public sector organization.
That means it will be up to each executive to become well versed in both cyber threat intelligence and appropriate, industry-specific cyber security solutions.
Protection from Cyber Attacks
Given the scope of the risk, and the cost of a breach, threat mitigation also requires a multi-faceted approach. A reactive approach to cyber security is comparable to going around plugging holes in a dam with your finger: eventually, you run out of personnel and digits.
A more effective protection plan involves a full assessment of possible weaknesses, an insider’s understanding of threat analysis, an action plan to update points of infrastructure weakness (software, hardware, and personnel training), and staying ahead of attacks and threat actors.
Sun Tzu said in The Art of War to “know your enemy,” but it’s also worth examining the larger quote:
If you know the enemy and know yourself, you need not fear the
result of a hundred battles. If you know yourself but not the enemy,
for every victory gained you will also suffer a defeat. If you know
neither the enemy nor yourself, you will succumb in every battle.
We know your industry and the enemy, and so can you.