Trustwave report highlights public sector's cyber vulnerabilities

The latest report from Trustwave, ' 2024 Public Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies,' illuminates the distinct cybersecurity challenges plaguing the public sector and offers valuable insights for cyber defence strategies. The disclosure aims to reinforce cybersecurity defences amidst the persistent threat of cyberattacks that aim to breach sensitive information.

The report points out that cyberattacks pose a significant threat to the stability and security of government services. Effective cybersecurity measures are mandatory for protecting sensitive data, ensuring the seamless operation of essential services, and upholding citizens' confidence in public utilities. Attacks on infrastructure could potentially threaten lives, disrupt daily routines, and weaken public faith.

Kory Daniels, Global Chief Information Security Officer at Trustwave, highlighted the escalating consequences of breaches in the public sector. He said, "Breaches in the public sector extend beyond financial loss; they can be highly coordinated, malicious, multi-pronged digital and physical attacks. Successful attempts to disrupt critical systems and services while disorienting operations that citizens rely on can shake the very foundations of society, erode trust in government, and create a climate of fear and uncertainty."

The research by Trustwave SpiderLabs examines the attack flow utilised by threat groups, giving a deeper understanding of their tactics, skills, and procedures. Several factors make the public sector uniquely vulnerable to cybersecurity threats, including legacy systems, prioritising public service over security, fragmented IT infrastructure, sensitive data repositories, information isolation, limited budget resources, labyrinthine regulations, and risk of being targeted by international actors.

Elucidating further on the public sector's susceptibility to cyber threats, Daniels added, "It's particularly concerning how geopolitical motivations tap into the digital realm to perform espionage, leveraging deepfakes, social media manipulation, and election interference. As citizens, we entrust the government with vast amounts of our personal information, which is why public-private partnership is critical for defending individuals, businesses, and the government itself."

The Trustwave SpiderLabs report provides a detailed analysis of threat groups and their methods throughout the attack cycle. The research includes the cyber threats facing global public sector bodies such as government institutions and essential public services. Among the key findings, it was revealed that phishing posed a key threat to the public sector, accounting for 80% of the initial access achieved by attackers. Apparently, local governments were the most susceptible to ransomware attacks and accounted for 60% of such incidents. Furthermore, 43% of public-sector ransomware attacks were orchestrated by LockBit 3.0, with Medusa and Play responsible for 13% and 12%, respectively.