Cyberattacks in public administration including federal, state and local governments have become one of the main targets of cybercriminals. These institutions are often attacked because they collect and store highly sensitive information and often lack proper cyber security controls due to limited budgets.
Read the following article for more information on the types of cyber threats affecting public administration, the frequency and severity of these losses in Advisen’s database and risk mitigation strategies.
Cyber threats that frequently affect public administration agencies include the following:
- Ransomware— With the installation of malware, this attack method is designed to take control of a user̵7;s system and prevent organizations from running critical functions until a ransom is paid. New research showed that the public administration sector was the target of almost half of all ransomware attacks.
- State-sponsored cyber attacks— These attacks often involve a nation or nation-state attacking another government’s systems to steal national secrets, sensitive information or money.
- Net fishing— In phishing attacks, cybercriminals attempt to obtain valuable personal information (ie, credit card information, bank or routing numbers, security codes, and more) by impersonating a legitimate person or institution via email, phone call, or text message.
- Hacktivism– Hacktivists are cybercriminals who typically engage in disruptive or harmful virtual activity on behalf of a political, social, or religious cause. Individual hacktivists or group hacktivists often work to expose fraud, expose corporate wrongdoing or greed, call attention to human rights abuses, protest censorship, or highlight other social injustices.
- Distributed denial-of-service attacks (DDoS) attacks—DDoS attacks occur when a cybercriminal attempts to disrupt an online service by flooding it with fake traffic. These attacks are particularly common in public administration as a means of disrupting communications, sending a political message or weakening governments.
- Insider threat– Internal violations can stem from employee mistakes or irresponsible workers.
In an ever-changing cyber threat landscape, public administration institutions should understand the most common types of cyber losses, where attacks often occur, and what types of data are targeted.
Consider the following:
Public administration losses by category
Cyber incidents are the most common cause of losses in public administration and account for 38% of the losses in Advisen’s database. Employment-related losses (ie, discrimination, retaliation, wage and hour violations, and wrongful termination) are second most common at 23%.
Cyber losses in public administration by type
Accidental disclosure accounts for half of all cyber losses in public administration, which describes any occasion when sensitive information is copied, transferred, viewed or stolen by an unauthorized person.
Malicious data breaches account for nearly a quarter (24%) of the remaining losses, describing a cyber incident where someone intentionally accesses or shares sensitive information with the intent to cause harm.
Other common loss types for public administration include physically lost or stolen data (11%); network or website outages (8%); unauthorized contact or disclosure (5%); and phishing, spoofing or social engineering (2%).
Cyber losses in public administration by source
Printed documents are the most common source of cyber attacks in public administration. These losses can result from improperly stored records, leading to unauthorized access or theft, and are common in industries that lack the budget to properly store or dispose of physical records containing sensitive information.
Cyber losses that originate in the server are usually DDoS attacks, which are designed to disrupt the flow of traffic to a website or force servers offline.
Cyber losses in public administration through access to information
Personally identifiable information – such as name, address, date of birth, social security number and email – was used in 65% of government cyber breaches, while personal financial information (such as credit card information, bank account information and PIN numbers) was accessed in 24% of breaches . Personal health information was the least frequently accessed.
Reduce the risk
To avoid and minimize cyber-attacks in public administration, institutions should consider the following risk mitigation strategies:
- Train employees. Educate employees on safe cybersecurity practices. This can include training employees to identify and respond to phishing attacks, encouraging employees to create strong email passwords, and ensuring that employees only use work email for business functions.
- Create a cybersecurity plan. This plan should be reviewed annually to increase preparedness for new and emerging threats. When developing a cybersecurity plan, ensure that IT and security team members have a clear line of communication and collaboration with other teams.
- Consider vulnerabilities in remote work. With the short-term or long-term adoption of a remote workforce, government agencies must consider the vulnerabilities associated with non-work devices, including cell phones. Whenever possible, allow dedicated devices such as laptops or tablets to be used exclusively for business functions.
- Buy proper coverage. It is critical to secure adequate insurance to protect against cyber-related losses that may occur. It is best to consult a trusted insurance professional to discuss specific coverage needs.
As cyber criminals continue to target the public administration sector, it is clear that these institutions must have strong plans in place to mitigate and respond to various cyber threats. If you would like additional information and resources, we are here to help you analyze your needs and make the right coverage decisions to protect your business from unnecessary risk. You can download a free copy of our eBook, or if you’re ready make Cyber Liability Insurance part of your insurance portfolio, Request a quote or download and get started with our Cyber & Data Breach Insurance Application then we’ll get started for you.