Extra Protection Against the Alarming Surge in Cyber-Attacks on Public Sector Organisations
Public Sector organisations are under an increasing number of attacks from cyber-criminals, often being specifically targeted by fraudsters who perceive them to be “easier targets”, mostly due to older infrastructures and less-than-robust cyber security awareness training. This article highlights the risks involved, and more importantly what you can to to counter them, whilst introducing the concept of the ‘Human Firewall’.
Why Are Public Sector Organisations Being Targeted?
Whilst it’s true that cyber-attacks affect every sector, 2021 is seeing an alarming surge of Ransomware Attacks on Public Sector organisations that are being targeted specifically because they are perceived by cyber-criminals to be “easy targets” that have large sums of money. In recent years, attacks on non-profits, councils, schools, government agencies, and other institutions within the public sector have skyrocketed.
The Ransomware surge is ruining lives. That’s the headline of a BBC News article (published at the end of April 2021) that highlights the malware attack at Hackney Borough Council. The council is still reeling from the attack 6 months later, and it’s expected to cost more than £10m to fully recover.
We’ve whittled it down to three main reasons:
- Public Sector organisations often collect and store a wealth of sensitive personal information
- This information is incredibly valuable to many cyber-criminals for them to take advantage of
- Government identity theft is one of the most popular and fastest growing forms of identity theft
What’s the Risk to the Public Sector?
18% of UK public sector organisations suffered over 1,000 cyber attacks each in 2018. Public sector organisations endure the same financial problems and damage to reputation and staff morale that any private company suffers when cyber-crime is committed against it. One such example of a prominent attack was the WannaCry ransomware attack on the NHS (in 2017), it is said to have cost the NHS over £92 million, not to mention the huge impact on staff working at the time and public morale that followed the news breaking.
Cyber-Crime is a Bigger Threat Than Ever With COVID-19 and the Rise of Remote Working
The National Cyber Security Centre, the cyber arm of GCHQ, has repeatedly warned of significantly increased criminal activity aiming to commit cyber-crime that exploits the fears of COVID-19 as a tactic. With an unprecedented rise in the number of employees all over the world that are now working from home, hackers have been working overtime to take advantage of this situation, and organisations need to make sure they remain more vigilant than ever, with as many layers of defence as possible.
Which Cyber-Threats are we Talking About Exactly?
- Social Engineering – A manipulation technique that exploits human error to gain private information, access, or valuables that an employee probably shouldn’t be giving up. According to a study by IBM, 95% of ALL cyber-breaches are due to human error. In cyber-crime, these “human hacking” scams tend to lure unsuspecting users into exposing data, spreading malware infections, or giving access to restricted systems.
- Phishing – According the the Wall Street Journal, 97% of all cyber-attacks start with a Phishing email. When you think about it, there’s no wonder really when you consider that most of us are using email daily for both personal and business use. See our Blog Post: A Beginner’s Guide to… Phishing for more information.
What is a Human Firewall?
Your organisation should already be using multiple layers of technology to help your protect against cyber threats, including email filters, advanced threat protection, and firewalls to catch phishing emails; however, no technology can stop every single threat from slipping through the net.
With well thought out end-user security awareness training, your employees can become your Human Firewall – one of the strongest lines of defence for all organisations, whether private or public sector. Your staff need end-user cyber-security awareness training to be able to recognise the risks presented by social engineering techniques, phishing emails, and many other types of cyber threat.
E-ZU eLearning Management System
An all-in-one cloud solution built to inspire learning and fuel workplace productivity.
Our next-generation platform delivers tailored, up-to-date training content across a range of business-critical topics, via an extensive course library of over 5,000 videos, and the ability to add your own custom channels and content.
It’s simple to use and comes packed with powerful tools to manage training and track development, to increase learner engagement (with in-built gamification), and build a sense of community across your workforce – all under an affordable per-user/per-month pricing model.