While cyber attacks in the public domain are becoming more sophisticated, possible cybersecurity issues that may be faced by public institutions have the potential to cause serious social and financial damages. Considering that today, almost significant amount of public institutions and organizations have moved their physical infrastructure to the digital and that even states carry out a very big part of their official citizenship affairs via e-government, it is almost impossible to say that the loss of sensitive data which may occur as a result of a data breach will be easy to reverse.
Moreover, incidents of data breaches occurring in the electronic systems of public institutions can cause a serious loss of trust in the public eye, and the citizens' tendency to conduct their official business in the digital environment can significantly decrease, creating a heavy bureaucratic workload. In this regard, it will be useful to thoroughly plan how to ensure data and access security in order to avoid the loss of critical data consisting of millions, maybe even billions of different types of information as a result of a cyber attack.
Why Are Public Institutions Under the Threat of Cyber Attacks?
The answer to the question “Why do cyber attackers target public institutions?” is actually not very complicated. Public institutions may easily face cyber threats due to the sensitive data stacks they possess. Indeed, the 2021 Data Breach Investigations Report prepared by Verizon also supports this view. It was stated in the said report that 11% of the cybersecurity breaches in 2021 had targeted public institutions. It was also mentioned that 3,236 of 29,207 incidents had occurred in public institutions, while data breaches occurred in 885 of them.
So, which personal data make public institutions and organizations so vulnerable to cybersecurity threats?
Social security numbers
Confidential health information
Insurance numbers and records
Intellectual property rights
Identificatory personal data of state employees, workers, private sector employees and students
On the other hand, it is a fact that the state employees working remotely due to the COVID-19 pandemic for an extended period of time has contributed to the increase in the number of data breach incidents in public institutions. Indeed, it is technically unlikely that the Wi-Fi network connected at home or in a public area is as secure as in the workplace, and such networks may also have deficiencies in terms of access security. Accordingly, the data in the report published by Tenable and Ponemon in 2019 revealed that 88% of public institutions had faced at least one cyber attack in the last couple of years.
Current Cases of Data Breach in Public Institutions
Recently, data breaches in public institutions are an issue of interest in many countries around the world. Let us take a look at the recent cyber attacks that have targeted public institutions.
A data leak rendered the online vaccine certification service COVIDCert in Northern Ireland unserviceable in July 2021. As a result, the Ministry of Health temporarily suspended the service.
A large-scale data breach has recently occurred in Tallinn, the capital of Estonia. It was reported that a hacker had downloaded 286,438 ID photos from the government database; the same hacker also revealed a vulnerability in a network managed by the official state body, the Information System Authority.
Another data breach has occurred in the Olympic Games held in Tokyo. Japanese authorities announced that the usernames, passwords, and bank account numbers of volunteers working in the organization and ticket holders were leaked.
With the statement they made in July, Norway held China responsible for the cyber attack on the parliament's email system in March 2021.
As evident from these cases, preventing cyber attacks targeting public institutions is of vital importance for public and personal data privacy. In order to prevent similar attacks, it is necessary to analyze the breaches in detail and to understand the nature of the attacks, their types, and the pathways they followed. For example, when we take a look at the recent attacks, we see that social engineering attacks make up more than 69% of the cyber attacks carried out against public institutions.
On the other hand, research shows that breaches caused by social engineering attacks, human errors, and unauthorized access to the system correspond to 92% of breaches faced by public institutions. Another striking finding of the research is that 83% of data breaches are caused by external threats and 17% by internal threats.
Cases from around the world and their outcomes clearly show that ransomware attacks and phishing attempts are among the most preferred methods used by cyber attackers who target public institutions.
All these types of attacks show that ensuring the security of privileged account access and managing privileges with different security principles are of great importance for the security of sensitive data stacks possessed by public institutions.
How Privileged Access Management (PAM) Protects Public Institutions?
The number of cyber attacks suffered by public institutions can be minimized with Privileged Access Management (PAM) solutions that ensure data security and access security. For example, it is possible to say that the cyber attacks that resulted in the leak of ID photos in Estonia and the theft of personal data in 2020 Olympics in Japan are breaches that could have been prevented by using Privileged Access Management (PAM).
The damage could have been minimized if the targeted public institutions in Estonia and Japan had adopted an end-to-end PAM solution that protected sensitive public data and all the processes that included access to this data. This can be expanded upon by taking the Estonia case as an example.
In the previous years, Estonia introduced an advanced cryptographic identity card system. Adoption of this system indicates that great importance was attached to data security while rapidly digitizing of the country; however, the breach shows that there seems to be some gaps and deficiencies in the access management architecture.
Although the vulnerable points have not been made public yet, it is observed that they need a well-planned data and access security infrastructure. It is possible to be prepared against sophisticated cyber attacks with Privileged Access Management solutions developed to minimize breaches in such situations. For example, with Privileged Session Manager solutions that closely monitor the privileged accounts and sessions, all the sessions on the network can be verified and confusion about access permissions can be avoided.
Alternatively, passwords for the sessions and access of the privileged accounts can be protected using Dynamic Password Controller, and unauthorized access can be minimized by preventing password sharing. Storing the passwords of accounts with privileged access in isolation from the rest of the network in solutions that incorporate the password vault feature is another important way to ensure access security. The Two-Factor Authentication (2FA), on the other hand, enables the use of strong, complex, and variable passwords, and can request time and location information for the verification of privileged accounts. Thus, it can offer a more extensive security than standard 2FA applications.
Other Privileged Access Management (PAM) solutions that will ensure the cybersecurity of public institutions can be listed as follows:
Dynamic Data Masking
Database Access Management
Privileged Task Automation
If you want to ensure data and access security of your institution at an advanced level, you can contact us to get detailed information about Privileged Access Management and Single Connect, which has been once again proven to be one of the top 10 PAM solutions in the world by being recognized in the 2021 Gartner Magic Quadrant for Privileged Access Management report two years in a row.