FortiGuard Labs’ recent Cyber Threat Predictions for 2022 offers a view of the latest cybersecurity threats organizations must have on their radar. Among frequently targeted organizations, the public sector must take particular note. Whether defending against criminals looking for a payoff, or nation-states seeking to disrupt government or acquire intellectual property, the public sector is a frequent target for threat actors. Based on this new report, public sector defenders will need to prepare for more frequent and virulent attacks.
More sophisticated, more damage.
Trends identified in the Fortinet report indicate an increase in the quantity, impact, and sophistication of attacks, and Advanced Persistent Threats (APTs) are of increasing concern for public sector targets. With APTs, threat actors can access systems and “dwell” for extended periods, increasing the potential for damage. The use of APTs signals a premeditated and patient approach. By investing in the reconnaissance and weaponization phases of an attack, cybercriminals show they are willing to play the long game for a bigger payoff.
Another area of concern is the escalating damage threat actors are capable of. A good example is the evolution of ransomware. Last year FortiGuard Labs saw ransomware grow by a factor of 10, driven in part by victims’ willingness to pay and the emergence of ransomware-as-a-service. A recent threat report shows ransomware continuing at peak levels. Ransomware attack kits are now readily available on the dark web, and their sales are helping fund the development of more lethal payloads that combine ransomware with denial-of-service attacks, wiper malware, or “killware,” to damage systems and data.
This escalation could push threat actors beyond traditional IT targets to target OT systems and the public sector. As these targets have the potential to impact whole industries and populations, an attacker could demand much higher ransoms, making them particularly attractive to bad actors. Preventing these attacks will require the public sector to mimic the private sector by keeping a closer eye on new threats and adopting leading-edge security approaches, including artificial intelligence (AI) and machine learning (ML).
Rethinking security approaches
As networks evolve and become more connected, government organizations must adopt more aggressive security stances. Remote or hybrid work models adopted to meet the workforce’s needs during the pandemic have stretched IT teams and network infrastructure. The network perimeter will only expand further with the introduction of 5G, making approaches like zero trust access and automated detection and remediation services a necessity.
Another area worthy of attention is infrastructure. The public sector is often among the largest property owners at municipal, provincial and federal levels. Many of these buildings include operational technology (OT) common to smart buildings, creating an IoT footprint. Recent findings from FortiGuard Labs’ Threat Report show that cybercriminals are increasingly targeting Linux, which is widely deployed across IoT and OT devices. As a result, public sector cybersecurity workers must consider OT threats as part of their security stance.
Thinking ahead for a more secure public sector
Threat reports show us that cybercrime is on a steep upward trajectory, with the number of attacks and attackers on the rise. The tools at their disposal are easier to access and capable of more damage. Paired with an ever-expanding attack surface and remote or hybrid work models, public sector organizations need to consider security platforms that can provide broad, integrated, and automated protection across all networks, endpoints, applications, and in the cloud. Access to up-to-the-minute threat intelligence and research is another way to stay ahead of attacks. Through reliable intelligence, organizations will be better able to disrupt campaigns and activity. Only by being proactive and aligning resources closer to the cutting edge can public sector organizations defend against tomorrow’s threats.