With Governments Becoming Victims of CyberCrime, How Will They Respond?

Photo by Adi Goldstein on Unsplash

The following post was written and/or published as a collaboration between Benzinga’s in-house sponsored content team and a financial partner of Benzinga.

The number of cybercrime victims is growing on a global scale, and governments are not immune. 

A recent survey found 40% of central government organizations were hit with a ransomware attack during 2020. For the Municipality of Thessaloniki in Greece, a series of cyberattacks forced the immediate closure of all its services. Striking in the United States, cybercriminals targeting the Washington, D.C., Metropolitan Police Department published 250 gigabytes (GB) of stolen data when the department refused to pay $4 million in ransom demands.

Records show that cybercriminals are not only becoming bolder but increasing their attacks. Cybercrime shot up 600% during the COVID-19 pandemic, mostly through sophisticated email phishing schemes and, by the end of the year, is expected to cost the world about $6 trillion.

Fortinet Inc. FTNT, Mimecast Ltd. MIME, and Crowdstrike Holdings Inc. CRWD have all achieved millions of dollars in revenue for providing a defense against cybercriminals. One cybersecurity operator, BIO-key International Inc. BKYI, says it has taken an active approach in not only providing front line defenses in the form of Identity Access Management (IAM) solutions but also in educating the public about the persistence of cybercrime. To reduce their cyber risk, many customers are taking advantage of the benefits of BIO-key’s multi-factor authentication, including unique Identity-Bound Biometric (IBB) authentication options. BIO-key’s IBB technology can verify that a user is the authorized individual behind a data inquiry, transaction, or access request by using a biometric form factor such as a fingerprint or palm scan, as compared to a password, pin code or other factors that can be shared among users.

In partnership with Osterman Research, BIO-key released a white paper report highlighting the government cybercrime problem. The report sheds light on what the future may look like for cybercrime in the government sector, what tools cybercriminals are likely to use, and how governments can improve their defenses.

The Many Faces of CyberCrime

Cyberattacks are diverse. Ransomware, phishing, business email compromise (BEC), data breaches, and misconfigured cloud storage accounts are just some of the weapons cybercriminals can use to attack their victims.

The threat of highest concern across the government sector is cited as ransomware, especially against critical infrastructure. Recent ransomware attacks against Colonial Pipeline Co. and JBS S.A. JBSS have reverberated in governments around the world. Other attacks in the healthcare sectors of Ireland and New Zealand continue to shed light on the problem’s global scale. Altogether, the volume of ransomware attack attempts in the first half of 2021 is 150% higher than the same time in 2020.

Data on other cyberattacks highlights the ubiquity of government-focused cybercrime. Phishing attacks against government targets have been highlighted in India, federal government agencies in the United States, and multiple state governments like California. In recent years, the FBI has seen BEC incidents in the government sector incurring losses of up to $4 million per incident.

Cybercriminals have abused and misconfigured cloud storage accounts to release 1.9 million records from a secret terrorist watchlist, including 1,000 GB of sensitive and confidential data on citizens across 3 states in the United States.

Looking Forward?

The BIO-key white paper from Osterman Research states that certain cybercrimes are just too accessible and easy to manage, making it difficult to foresee any lull in their adoption and use. The report extrapolates recent trends to try and predict future trends in attacks against government agencies. 

In particular, the report states that ransomware may continue to occur via “low-hanging fruit” such as email phishing campaigns and particularly against targets such as federal and central government agencies. A cybersecurity incident at these organizations represents a “symbolic” victory for the attackers as it shatters the public’s collective sense of safety and security. In perhaps a more somber tone, the report also notes that “government agencies that are successfully compromised could be weaponized by cybercriminals to attack citizens, disrupt daily life and undermine confidence in government.” 

Making the World a Little More Cyber Safe

Fortunately, governments around the world have begun to seriously consider the cybersecurity infrastructure of their nations. The Biden administration, for example, released an executive order to improve the nation’s cybersecurity, created by the Joint Cyber Defense Collaboration (JCDC), and launched a one-stop resource for combating ransomware.

The United Kingdom’s 2021 policy paper emphasized the need for enhancing the nation’s cybersecurity position, while Australia and Europe have also both updated their cybersecurity strategies to further strengthen protection over government, business, and critical infrastructure.

The Osterman Research and BIO-key white paper concludes with some practical solutions to cybercrime. Multi-factor authentication, data encryption, and better data sharing methods, for example, are all listed as essential in improving cybersecurity readiness across government and shrinking the likelihood of successful attacks.

As a provider of Identity and Access Management (IAM) and Identity-Bound Biometric (IBB) solutions, BIO-key believes its unique set of cybersecurity solutions are what governments and businesses need to stay safe.

The preceding post was written and/or published as a collaboration between Benzinga’s in-house sponsored content team and a financial partner of Benzinga. Although the piece is not and should not be construed as editorial content, the sponsored content team works to ensure that any and all information contained within is true and accurate to the best of their knowledge and research. This content is for informational purposes only and not intended to be investing advice.