Cyberattacks Targeting Government and Public Sector on Rise

A new report has observed a significant uptick in cybercriminals targeting government organizations around the world.

There has been a sharp rise in cyberattacks – and subsequently data breaches – impacting public sector organizations across the globe during the second quarter of 2023, a recently released report has said.

This is particularly concerning considering the highly sensitive data held by government entities – which includes federal agencies, schools, utility companies, and other services – and the widespread usage of weak passwords by government employees in countries like the United States.

Worryingly, a lot of the malware used in these sorts of attacks is easy to access and doesn’t cost much to acquire.

Attacks Against Governments and Institutions up 40%

The Blackberry Threat Research and Intelligence Team recently released its Q2 report, which tracks cyber threats between March to May of 2023.

They found that cyberattacks on government agencies and institutions had increased by a staggering 40% compared to the previous period. The company itself stopped more than 55,000 attacks against government entities.

City authorities in California, Texas, and Georgia – as well as Toronto – have all been targeted recently, the report says. It’s not just the US and Canada that are prone to attacks, however.

Surfshark logo🔎 Want to browse the web privately? 🌎 Or appear as if you're in another country?
Get a huge 86% off Surfshark with this special tech.co offer.See deal button

Just a few days ago, for instance, The i revealed that the UK foreign office was hit by a Russian and Chinese attack that saw hackers gain access to “internal systems”.

In the past few months, more and more governments have been caught out. The Blackberry report references a recent threat campaign that focused on “Pakistani government targets” and “was delivered by a complex execution chain that relied on phishing emails and weaponized documents”.

Another recent incident involved a breach of the Norwegian government’s IT systems, which were broken into via a zero-day vulnerability in July. The attack affected at least twelve of the Scandinavian state's government departments.

In a similar case from June, Swiss government data was reportedly leaked online after a ransomware attack compromised a third-party software provider.

US Government Employee Passwords Are Weak

Considering the sensitivity of the data that government organizations and public entities tend to store, you may think that employees would be more motivated than most other organizations to ensure their accounts are secured with strong passwords. But this isn't necessarily the case.

An audit of US federal agencies found that around 20% of passwords could be cracked using standard cryptographic methods, while 89% of “high-value assets”, which the audit defines as “assets that could have serious impacts to the Department’s ability to conduct business if compromised”, weren’t protected by multi-factor authentication.

Another report from March 2023 found that around 5% of federal employees had fallen victim to a phishing attack at some point, while 21% said they didn't even care if their organization got hacked.

Malware: Cheap to Buy, Easy to Use

Along with inadequate defenses against sophisticated, contemporary threats, the other problem for governments is just how accessible and cheap malware is in 2023.

Ransomware-as-a-service kits can now be bought for under $40, in some cases. Phishing kits, on the other hand, have been seen selling for as little as $2. Crucially, however, you don’t need to be a tech genius to operate them – something which is at the heart of the wider “cybercrime-as-a-service” boom.

Despite its growing prevalence, there are still some things that you can do to protect yourself against a myriad of malicious activities. For example, ensuring you’re not giving a hacker an easy way in by creating strong, unique passwords is essential, as is activating multi-factor authentication wherever you can.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Written by:
Aaron Drapkin is a Lead Writer at Tech.co. He has been researching and writing about technology, politics, and society in print and online publications since graduating with a Philosophy degree from the University of Bristol five years ago. As a writer, Aaron takes a special interest in VPNs, cybersecurity, and project management software. He has been quoted in the Daily Mirror, Daily Express, The Daily Mail, Computer Weekly, Cybernews, and the Silicon Republic speaking on various privacy and cybersecurity issues, and has articles published in Wired, Vice, Metro, ProPrivacy, The Week, and Politics.co.uk covering a wide range of topics.
Explore More See all news
Back to top
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals