Mike Boyle, TCC Director of Business Development
According to a recent article on the State Tech Magazine website, last year government agencies accounted for 12.5% of all data breaches, making government the third most frequently targeted business sector. https://statetechmagazine.com/article/2021/05/employee-vulnerability-social-engineering-remains-key-threat-government
The article states that social engineering, especially phishing, is the most popular type of attack. Social engineering attacks target individuals and try to get them either to provide personal information that can be used to establish fake credentials or simply to hand over the targeted information. This usually takes the form of generic messages sent to a large volume of people, in the hope that some will disclose information or click on a malicious link.
With access to personal information about a government employee, the cybercriminal can easily spoof what appears to be a legitimate request to send sensitive information via email as data moves between agencies or departments. They can also gain access to critical information because a request that looks valid is usually processed.
The article notes that some of the factors that make government systems vulnerable to this type of attack include the use of outdated legacy systems, high data volume, overly bureaucratic public processes, and inadequate government employee cybersecurity training.
The article points out that to proactively defend against phishing, a combination of policies, controls, and procedures must be in place.
Employee cybersecurity training is critical to preventing phishing attacks. The article states “Inadequate government employee cybersecurity training makes the above more likely to happen. A 2020 IBM Security study found that only 38 percent of local and state employees in IT, security, education and emergency services departments have been given any training in ransomware prevention, including on the threat of social engineering and on basic security hygiene in the workplace.”
Because phishing attacks rely on human error to succeed, ongoing cybersecurity training is critical to preventing them. That training should alert employees to the most current form of attack and teach them how to avoid becoming a victim and disclosing critical information.
The article notes that strengthening agency internal audit systems can help expose vulnerabilities, and “data analytics, machine learning and artificial intelligence tools can help flag any irregularities that might signal an attack in progress.”
However, the article points out that if cybercriminals do not have access to government employee personal information, any phishing attack is less likely to be successful. “Although minimizing the digital footprint left by employees in the past isn’t easy, a good place to start is to ask staff to self-audit themselves on the internet. After searching for their names online, public servants may realize that their social media accounts are too revealing or that their personal information is listed on countless data broker sites.
While removing data from data broker sites is a tedious and at times complicated process, government agencies can take advantage of data broker removal services that automatically opt public servants out of such sites — and make sure they stay off them for good.”
These areas of vulnerability must be addressed to thwart the ever-increasing risk of a cybersecurity attack. The article states, “By cutting off ammunition for threat actors through employee personal information removal and deploying effective tools and training strategies, government departments can take back control of their cybersecurity.”
To find out more about TCC and our work with various government agencies please visit our website https://www.e-tcc.com/