Government Organizations Are Paying the Price for Inadequate Cybersecurity

A number of public entities have suffered major data breaches recently, resulting in hundreds of millions of dollars in costs. It is alarming how unprepared many of these organizations were for cyber-attacks, highlighting the need for cybersecurity insurance. In order to obtain an appropriate cybersecurity insurance policy, government entities need to be aware of the actors who pose a threat to their cyber capabilities as well as the tools and vectors by which these actors can effectuate cyber-attacks. The following is an overview of the more high-profile cybersecurity breaches that have occurred in the last few years and an in-depth review of potential actors.

  • In 2015 the Federal Office of Personnel Management announced a data breach that included more than 21 million Americans’ personal information. The ID monitoring costs alone have topped $130 million, and the Director of the OPM has stepped down.
  • A class action lawsuit was brought against the Georgia Secretary of State stemming from a “clerical error” that resulted in personally identifying information for 6.2 million voters, including Social Security numbers and driver’s license records, being released to 12 organizations in October 2015. The breach affected anyone registered to vote in Georgia. Georgia is providing one year of credit monitoring services at a cost of $1.2 million.
  • After having their system hacked, the Lincoln County Sheriff’s Department and several nearby cities in Maine were forced to pay $300 in bitcoins to retrieve confidential records being held hostage by the hackers. The system was breached when an employee clicked on an e-mail containing malware. The hackers haven’t been located.
  • When the Regional Income Tax Authority of Brecksville, Ohio couldn’t locate a DVD containing tax and other personally identifying information for about 50,000 people, it gave written notice and agreed to pay for one year of credit monitoring at an unknown cost.

These incidents highlight how both large and small government agencies are vulnerable to cyber-attack. No organization can be confident that it can escape the pitfall of a large-scale data breach without adequate cybersecurity and the protection of cybersecurity insurance.

Cybersecurity Threat Actors and Tools That Organizations Should Understand

In order to obtain an appropriate cybersecurity insurance policy, organizations need to be aware of the actors who pose a threat to organizations’ cyber capabilities as well as the tools and vectors by which these actors can effectuate cyber-attacks.

Potential threat actors include a wide variety of characters such as state actors, hacktivists, cyber terrorists and cyber criminals. One of the many difficulties with this type of threat, however, is determining who is responsible for any given attack. Some investigations into cyber-attacks have gone on for years with little progress made on attribution. The consequences of this can be dangerous if investigators jump to conclusions, as attacks perpetrated by independent actors can be disguised so that they appear to have been perpetrated by state actors or vice versa.

Employees can also be threat actors in the form of negligent or rogue employees. Negligent employees are one of the top causes of data breaches. Relatively simple mistakes such as sending out incorrect data, losing or inappropriately using hardware, or becoming a victim of phishing have resulted in major cybersecurity breaches. Rogue employees can also be dangerous threat actors as they are often in a position to easily steal data and hardware, commit extortion or sell data to a third party.

The tools threat actors use are diverse and not necessarily limited to cyberspace. Prominent among them are the many varieties of malware that exist and continue to be developed. The following are some common types of malware to be aware of:

  • Spyware – software with spying capabilities such as user activity monitoring, collecting keystrokes and data harvesting
  • Ransomware – software that lures its victim to a web site and then locks the user’s computer until the user makes a payment
  • Trojan horses – malware that disguises itself as a normal file or program to trick users into downloading and installing malware, often allowing remote access to the infected computer
  • Worms – a type of virus with the ability to self-replicate and spread independently that typically causes harm to host networks by consuming bandwidth and overloading web servers

Another common method of cyber-breach is PIN skimming, in which a counterfeit card reader placed over an ATM’s card slot is used to steal personal information stored on debit cards that are swiped. Breaches can also take place by less technological means through social engineering (also referred to as phishing, whaling, pretexting, or baiting). With these methods, threat actors manipulate individuals with access to a targeted system into performing actions or divulging confidential information. For example, fraudsters will often attempt to get sensitive information, such as PIN codes or account numbers, from their targets by using e-mails, IMs, comments, or text messages that appear to come from a legitimate, popular company, bank, school, or institution.

Threat vectors are the paths used by the threat actor to infiltrate companies’ data systems. They include supply chain vulnerabilities, wireless access points, and removable media. Email remains a major threat vector as well. A recent study found that 61 percent of energy firms view email as the biggest threat vector for cyber-attacks via malware. The scope and quantity of threat vectors are only increasing as more and more organizations institute Bring Your Own Device (BYOD) policies in which employees can access company data via mobile devices. It is crucial to exercise caution in implementing BYOD policies, and it is recommended that such policies require employees to install malware detection software on their mobile devices.

Understanding how threat actors can penetrate an organization’s information security system is crucial to assessing where a company’s cyber vulnerabilities lie and obtaining the appropriate cybersecurity coverage.
