Government bodies are at risk online

(Image credit: Image Credit: Leolintang / Shutterstock)

It’s a statement that’s true for a lot of industries, but it’s different for the government. These aren’t traditional ransomware attacks, or email phishing scams carried out by people at home trying to make easy money. 

Government hacks are calculated. They’re resourceful. People that target the government are often politically motivated and looking to steal specific information. In the most extreme cases, these hackers are state-funded, giving them the time and money they need to ensure their efforts are successful. Hacking is a full-time job for them. 

We only have to look at the Clinton campaign email hacking scandal where sensitive information getting into the wrong hands potentially led to a presidential campaign being derailed, and arguably compromised a US election. 

It’s not just global attacks on such influential government figures that are a threat though. Local councilors and external government staff like teachers are targeted daily by hackers after private party data. These staff are often too busy to stay up to date with best practice for staying safe online, leaving them as prime targets and entry points for hacks. 

Here we’re going to look at the common day-to-day threats to government online, and what you need to do to make sure your organisation is kept safe. 

Information worth stealing

According to some economists, oil is no longer worth more than gold, but data now leads the way. Therefore, government information has become extremely precious to the right people. Where traditional online hacks might look to steal credit card information or personal details - government hackers are after more substantial data. From central through to local governments, to schools, and to national elections - government information is in high demand. 

This is why many hacking operations targeting governments have so much time, money and resources invested into them. Because the reward of acquiring private data is huge. Many state-funded hacking groups work on stealing government information as a full-time job - ready to pounce on opportunities with the latest technologies.

These hackers don’t attempt a breach, then move on to the next target if they fail. It’s their job to make sure they get the data. If they fail a login attempt on a website and get suspended from the account, they simply create a new identity and try again. It’s important for government bodies to make sure no-one other than authorised users can access private information. Two-factor Authentication (2FA) solutions require users to provide a password, plus a one-time code to log-in to a platform - meaning their data can’t be stolen or replicated.

Human error

Busy government staff don’t always have the time to learn cybersecurity best practice. Government employees working in departments such as planning, finance, human resources and the administration staff that support them, have intense workloads - so it’s important they can work quickly and efficiently, without compromising their safety online.

It’s thought that as many as 95% of successful online hacks come down to human error. Mistakes are made by those who aren’t educated in online risks and can’t spot threats to their data. Sometimes it’s not a lack of knowledge, but a problem with relying solely on human performance. Even the most educated person can make mistakes that cause huge data breaches.

Government organisations need to limit the risk of human error as much as possible. If it’s a case of staff reusing static or simple passwords that can be stolen using brute force attacks, then 2FA can be a solution. Once it has been used, successfully or unsuccessfully, then it becomes invalid. The OTC can be provided to the user in a number of ways including SMS, email, mobile app, or a hardware token.

An alternative precaution is the principle of least privilege - which suggests that users should only be able to access the areas of a network that they need, rather than all staff having access to everything. Limiting what different users can access means that if someone clicks through a malware link, or their account becomes compromised, the infiltrator can’t hack into applications they are unauthorised to access.

Hotdesking

Few government jobs involve sitting at the same desk each day. Council workers may have to log in to multiple devices daily - with agile hotdesking a large part of many people’s roles. It’s important to secure your network when you have staff logging on from multiple devices at all times. Government staff need to be able to access their files from anywhere, but they can’t risk the same files becoming accessed by unauthorised users.

Tokenless 2FA solutions can prevent security risks by authenticating the user every time they log-in from a different device. Staff can put 2FA software on their phones, and use the solution to generate a new one-time code every time they want to access the network using a different device. Securing your network with 2FA software gives staff the freedom to use a hot desk working environment - without leaving private data open to hackers. 

To increase flexibility for employees accessing their applications through different devices, 2FA systems should be licensed for each user. Users can have multiple tokens active under one license. This helps to improve uptake when implementing change and rolling out the deployment. 

Third party access

It’s not just central government workers that can spark network access risks. Third party users like healthcare staff and social workers may need to access a local government network - and it’s more difficult to regulate the security of people logging on externally from different devices. Government IT staff don’t have the time to assess and verify every log-in attempt when staff numbers are in the thousands. Where possible, government organisations should invest in Risk-Based Authentication (RBA) solutions that let you set up automatic verification of users based on things like their location, IP address and more. This automates and therefore reduces the workload away from the IT desk without compromising network security. 

Watering hole attacks

Popular sites that drive a lot of traffic from certain groups - like a local government or political party staff - are often targeted by hackers. It’s called a watering hole attack because it mirrors predators waiting for prey when they fetch water. Eventually, someone will click through a malicious link and become infected with malware, giving hackers access to their account information and potentially letting them move horizontally through the network.

IT staff need to make sure their colleagues aren’t accessing compromised websites from their network. Setting up a web filtering solution is one way to stay on top of potentially harmful sites. The filter constantly updates with sites that have been flagged as compromised or dangerous, and blocks users from accessing them from their network. 

Keeping the work process efficient

Staff need to focus on their primary role, and online security is often an afterthought. Time-stretched government staff need working practices to be as efficient as possible. This includes familiarisation and efficiency within their primary applications and platforms, and not having to spend extra time on additional concerns like online safety. Secure solutions should fit into current working practices seamlessly. This way, staff can work how they choose, without their working patterns leaving the network open to attacks.

Recent high-profile government cases show us the startling consequences of a successful attack. Government organisations can hold millions of people’s data, sensitive political information and more - which can be incredibly costly if they end up in the wrong hands. It’s a challenge to secure networks in an industry where staff need to access information at all times, and from multiple devices. So, our government partners need to find a solution that integrates with how they already work, and with minimal disruption. 

Adrian Jones, CEO of Swivel Secure 

Adrian Jones

Adrian is the CEO of Swivel Secure and has nearly 30 years' experience in the IT industry within security; building businesses through start-up, growth and exit phases. He is passionate about technology.