Cybersecurity in Public Institutions

Cybersecurity in Public Institutions

Aug 15, 2021 / Kron

While cyberattacks in the public domain are becoming more sophisticated, any cybersecurity issues public institutions face have the potential to cause serious social and financial damages. Considering that a significant number of public institutions and organizations have moved their physical infrastructure to the cloud, and that even states carry out a big part of their official citizenship administrative affairs via e-government, it is impossible to deny that the loss of sensitive data resulting from a data breach will be extremely hard to reverse.

Moreover, incidents of data breaches occurring in the electronic systems of public institutions can cause a serious loss of trust in the public eye, and the citizens' tendency to conduct their official business in a digital environment can significantly decrease, creating a heavy bureaucratic workload. In this regard, it is essential to thoroughly plan how to ensure data and access security in order to avoid the loss of critical data consisting of millions, maybe even billions, of different types of information as a result of a cyber attack.

Why Are Public Institutions Under the Threat of Cyber ​​Attacks?

The answer to the question “Why do cyber attackers target public institutions?” is actually not very complicated. Public institutions easily face cyber threats due to the sensitive data stacks they possess. Indeed, the 2021 Data Breach Investigations Report prepared by Verizon also supports this view. The report states that 11% of the cybersecurity breaches in 2021 targeted public institutions. It also mentions that 3,236 out of 29,207 incidents occurred in public institutions, while actual data breaches occurred in 885 of them.

So, which personal data makes public institutions and organizations so vulnerable to cybersecurity threats?

  • Social security numbers
  • Confidential health information
  • Insurance numbers and records
  • Bank records
  • Trade secrets
  • Intellectual property rights
  • Personal Identification Data of state employees, workers, private sector employees, and students

On the other hand, it is a fact that state employees working remotely due to the COVID-19 pandemic for an extended period of time contributed to the increase in the number of data breach incidents in public institutions. Indeed, it is technically unlikely that the Wi-Fi network connected at home or in a public area is as secure as in the workplace, and such networks may also have deficiencies in terms of access security. Accordingly, the data in the report published by Tenable and Ponemon in 2019 revealed that 88% of public institutions had faced at least one cyber attack in the last couple of years.

Recent Cases of Data Breach in Public Institutions

Recently, data breaches in public institutions became an issue of interest in many countries around the world. Let us take a look at the recent cyberattacks that have targeted public institutions.

  • A data brerach rendered the online vaccine certification service COVIDCert in Northern Ireland unserviceable in July 2021. As a result, the Ministry of Health temporarily suspended the service.
  • A large-scale data breach has recently occurred in Tallinn, the capital of Estonia. It was reported that a hacker downloaded 286,438 ID photos from the government database; the same hacker also revealed a vulnerability in a network managed by the official state body, the Information System Authority.
  • Another data breach has occurred in the Olympic Games held in Tokyo. Japanese authorities announced that the usernames, passwords, and bank account numbers of volunteers working in the organization and ticket holders were leaked.
  • With the statement they made in July, Norway held China responsible for the cyber attack on the parliament's email system in March 2021.

As is evident from these cases, preventing cyberattacks targeting public institutions is of vital importance for public and personal data privacy. In order to prevent similar attacks, it is necessary to analyze the breaches in detail and to understand the nature of the attacks, their types, and the pathways they followed. For example, when we take a look at recent attacks, we see that social engineering attacks make up more than 69% of the cyberattacks carried out against public institutions.

Research also shows that breaches caused by social engineering attacks, human errors, and unauthorized access to the system correspond to 92% of breaches faced by public institutions. Another striking finding of the research is that 83% of data breaches are caused by external threats and 17% by internal threats.

Cases from around the world and their outcomes clearly show that ransomware attacks and phishing attempts are among the most preferred methods used by cyber attackers who target public institutions.

All these types of attacks show that ensuring the security of privileged account access and managing privileges with different security principles are of great importance for the security of sensitive data stacks owned by public institutions.

How Privileged Access Management (PAM) Protects Public Institutions?

The number of cyber ​​attacks suffered by public institutions can be minimized with Privileged Access Management (PAM) solutions that ensure data and access security. For example, the cyberattacks that resulted in the leak of ID photos in Estonia and the theft of personal data in the 2020 Olympics in Japan are breaches that could have been prevented by using Privileged Access Management (PAM).

The damage could have been minimized if the targeted public institutions in Estonia and Japan had adopted an end-to-end PAM solution that protected sensitive public data and all the processes that included access to this data. This can be expanded upon by taking the Estonia case as an example.

In previous years, Estonia introduced an advanced cryptographic identity card system. Adoption of this system indicates that great importance was attached to data security while rapidly digitizing the country. However, the breach shows that there seems to be some gaps and deficiencies in the access management architecture.

Although the vulnerable points have not been made public yet, it is obvious that they need a well-planned data and access security infrastructure. It is possible to prepare against sophisticated cyberattacks with Privileged Access Management solutions developed to minimize breaches in such situations. For example, our Single Connect’s Privileged Session Manager closely monitors privileged accounts and sessions, and all sessions on the network can be verified eliminating confusion and inconsistencies in access permissions.

Alternatively, passwords for the sessions and access of privileged accounts can be protected using Single Connect’s Dynamic Password Controller, and unauthorized access can be minimized by preventing password sharing. Storing the passwords of accounts with privileged access in isolation from the rest of the network, along with the incorporation of a password vault feature is another important way to ensure access security. The Two-Factor Authentication (2FA) feature, on the other hand, enables the use of strong, complex, and variable passwords, and can request time and location information for the verification of privileged accounts. Thus, it can offer a more extensive security than standard 2FA applications.

Other Single Connect Privileged Access Management (PAM) modules that will ensure the cybersecurity of public institutions can be listed as follows:

  • Dynamic Data Masking
  • Database Access Management
  • Privileged Task Automation

If you want to ensure the data and access security of your institution at an advanced level, contact us to get detailed information about Privileged Access Management and Single Connect, proven to be one of the top 10 PAM solutions in the world by being recognized in the 2021 Gartner Magic Quadrant for Privileged Access Management report two years in a row.

Highlights

Other Blogs