The public sector has undergone intense scrutiny over the past few months as it was forced to face a pandemic with last-minute technological solutions and new ways of working. Sadly, it has also been a target for malicious cyberattackers who are taking advantage of any oversights to steal public sector organisations’ data, take control of their networks, and benefit financially from the chaos.
Despite hackers pledging not to hit the healthcare industry while it battled COVID-19, healthcare organisations across the globe have already experienced severe cyberattacks, one of which was a ransomware attack resulting in tragic consequences beyond data loss. Government bodies such as those in the UK have been plagued with technological blunders, leading to a string of issues like 16,000 COVID-19 test results going unreported and London’s Hackney Council falling victim to a ransomware attack. Meanwhile, education institutions in the UK have been so victimised by ransomware that the NCSC issued a warning alert to schools and universities, advising them to watch out for a rise in attacks in the coming months.
Now that the initial crisis stage is over, the industry as a whole must address its core weaknesses in order to protect its data, continue the provision of vital services and emerge from the pandemic intact.
Mind the gaps
While the pandemic has undoubtedly placed public sector organisations under extraordinary strain, even before COVID-19 hit, the industry’s focus on priorities other than data practices – especially when compared with private organisations – made it a prime target for cyberattacks. Even without a looming pandemic, with limited resources, many public sector organisations have to concentrate on the care of those they are in charge of, as well as the efficiency of service delivery, over securing their data or ensuring any new technological processes are protected.
Indeed, Netwrix research shows that even before COVID-19 hit, only 4% of educational institutions have implemented a data retention programme, while almost a third (32%) of all healthcare organisations didn’t track data sharing amongst employees. Research also shows that these issues have been compounded since the pandemic began – with 33% of educational institutions saying they are more vulnerable to cyber threats than they were pre-pandemic, while 89% of them admit to having new security gaps caused by the rapid transition to remote education. 71% of healthcare organisations are more concerned about insider threats now than before the pandemic.
Unfortunately, this concern isn’t unfounded – most government agency cybersecurity incidents since the pandemic have involved the human factor. Since COVID-19 hit our shores, 53% of public sector respondents said they experienced at least one phishing attack, and 18% reported insecure sharing of sensitive data. But what’s particularly troubling is that improper data sharing was especially hard for government agencies to spot: nearly all organisations needed days (42%), weeks (32%) or even months (21%) to detect it.
Address the common data issues
When faced with an emergency, public sector organisations understandably are forced to act quickly and make do with whatever tools they have in place – a situation that hit the sector particularly hard this year. However, organisations should review the trade-offs they were forced to make at the first opportunity, and while it’s impossible to predict all the possible issues that might arise, identify common areas where things can go wrong.
For example, the most common data glitches include processing errors, accidental data deletion or loss, accidental improper data sharing, or moving data outside of the secured storage area. Each of these mistakes might lead to significant damage and dramatic consequences – especially when it comes to healthcare, where lives are at risk, and education, where vulnerable populations are concerned.
Don’t forget the basics
When it comes to IT processes, it’s also important that public sector organisations maintain basic data hygiene processes even through crises, and have in place controls that help them prevent errors that involve data management – especially the sensitive data of millions of citizens. Paying regular attention to the mundane practices, such as vulnerability management and patching, network segmentation, endpoint security, anti-malware technologies, and email security is the core prevention measure against high-impact attacks like ransomware.
It’s important to note that the public sector is also known for its legacy systems, making it a popular target for hackers and leading to a few data-related blunders over the past few months. It is clear that organisations across the public spectrum need to update their systems and plan for more scalable technology, or for additional tools and security controls, or changes to availability strategy, that can be foreseen when managing the crisis of a large nation, and as we continue to navigate the need to go as virtual as possible when it comes to work and collaboration.
Looking ahead
The good news is that the research shows that 38% of government organisations now plan to prioritise IT staff education, a rise from 20% pre-pandemic. It is incredibly important that all staff are trained in how to identify a malicious email as well as learn the steps to take following a security incident. Training should be regular and relevant to the job function. For example, if every physician or teacher is aware of disastrous consequences a ransomware might bring to their personal remits, they will consider following cybersecurity hygiene as important as hygiene in their everyday job.
The figures also show that public sector interest in digital transformation doubled, from 26% pre-pandemic to 56% now. This is an excellent move in the right direction, as the public sector will ultimately lose people’s trust and face funding problems if it does not prioritise data security to future-proof against whatever uncertainties continue to abound.
Ilia Sotnikov
Netwrix