Government agencies and critical infrastructure remain attractive to cybercriminals, so security regulations and good business practices must evolve alongside the adversaries, according to a government-specific edition of cybersecurity product developer Symantec’s 2017 Internet Security Threat Report.
Few governments have an obligation to report data breach incidents, but an assessment of 2016 incidents ranks the public administration sector as the ninth most-targeted sector.
Cyber espionage is nothing new, but cheaper and better ways to create chaos or unravel government and critical structures increase the likelihood of data and phishing, spoofing, or social engineering tactics. Nearly 1.2 million government identities were exposed in 2016, and the frequency and vectors of attack are increasing.
The average rate of spam fell from 2015 to 2016 — data consistent with general trends seen throughout industry sectors. However, the decreased interest in spam is balanced by an increased interest in utilizing phishing scams. The overall average use of phishing scams seen in the public administration sector grew from 1 out of every 3,058 emails in 2015 to 1 out of every 2,329 emails in 2016. In addition, the use of malware rose significantly. In 2015, malware was averaged at 1 out of every 526 emails; last year, however, the average use of malware was 1 out of every 141 emails.
Of all the attacks in 2016, most against government sectors originated from within the United States or from India. The cybercriminal’s most popular method of attack were web server attacks, which accounted for 35.6 percent of all attacks on the government. At a close second, shellcode/exploit attacks accounted for 31.5 percent of government and critical infrastructure attacks, most of which were see within the healthcare sector of the government.
The proliferation of Internet of Things devices and systems nearing the end of their lifecycle means components need to be designed not only to fit a purpose, but to be secure for use from deployment. Collaboration with industry can assist transparency in the security of devices and decisions on how to design and integrate products for government networks. It can also assist the design of training programs that can greatly assist data loss prevention.
The evolved trends and techniques make use of resources at hand. By “living off the land” cybercriminals can enact a symptomless infection and hide in plain sight. Knowing the current trends and security risks is essential for government security teams to make a more secure network.
A complete copy of the 106-page report will become available on Symantec’s site.
Rachael Kalinyak is an editorial intern with Network Solutions.