NAIROBI, Kenya- Cybersecurity is no longer just an IT problem; it’s now a national concern, especially for government institutions.
According to a recent analysis by Positive Technologies, the public sector has been hit hard by cyber threats, particularly from 2022 through the first half of 2024.
While the focus has primarily been on Russia, Asia (33pc), Africa (12pc), and North America (12pc), it’s evident that cybercriminals view government systems as a goldmine of valuable data.
Government institutions, particularly in Asia, have become prime targets for attackers. Despite technological advancements in these countries, their cybersecurity measures have not kept pace with the rapid digital transformation.
Additionally, economic competition and trade conflicts have extended into the cyber realm, leading to targeted attacks on government agencies. Nearly half of all successful cyberattacks in this period were targeted, often leading to data breaches.
Personal data and intellectual property are among the most frequently stolen types of information.
While ransomware remains the go-to malware, its popularity in the public sector is dwindling. In the first half of 2024, successful ransomware incidents declined by 4pc compared to 2023 and a whopping 14pc compared to 2022.
However, the focus has shifted from monetary gain to disrupting government operations and stealing or destroying sensitive information.
Attackers exploit the numerous entry points created by government employees using email and other communication tools, making public institutions easy targets.
Positive Technologies’ report indicates that the use of malware in public sector attacks is steadily increasing.
In 2022, malware was used in 48pc of incidents, rising to 57pc in 2023, and 68pc in the first half of 2024.
This rise is attributed to the simplicity and effectiveness of malware as a tool, alongside an active darknet market where cybercriminals can rent or purchase off-the-shelf or even custom-built malware.
In fact, research shows that one in every six ads on darknet marketplaces offers access to compromised government networks, with prices ranging from a mere $20 to thousands of dollars for high-privilege access.
Advanced Persistent Threat (APT) groups are especially interested in government systems, using malware in 83pc of incidents they orchestrate. The most common methods include remote access trojans and spyware.
Hackers also leverage the dark web to buy or trade credentials for accessing compromised devices, further heightening the risk to public institutions.
Governments need to pivot to a result-driven cybersecurity approach to protect their infrastructure.
This strategy involves identifying potential risks, securing IT assets, and undergoing cyber transformations that include employee training, incident monitoring, and ongoing security assessments.
As government institutions continue their digital evolution, they must prioritize cybersecurity to protect their critical systems and sensitive data. While attackers grow more sophisticated, adopting a result-driven approach is key to mitigating risks and ensuring a more secure digital future.