Terry Greer-King, VP EMEA at Sonicwall, offers advice on how can the public sector protect itself from 2021’s cybercrime ‘explosion’
Cyberattacks on the public sector are at an all-time high. Whether mammoth organisations such as those impacted by the SolarWinds supply-chain attack, or UK local authorities such as Hackney Council, no public sector body is safe from sophisticated cybercriminals, often bankrolled by nation-states.
New data from SonicWall that ransomware attacks have skyrocketed in 2021. The 304.7 million ransomware attacks recorded in the first six months of 2021 eclipsed the whole of 2020. In addition, the same data found that attacks against the government and public sector have risen a staggering 917% in the first six months of 2021. The United Kingdom was the second most-hit country for ransomware, suffering 14.6 million attempts through June 2021.
When we look back on the year, there has been an exponential growth in the volume and sophistication of cybercrime. If the public sector is to continue safely providing its essential services when the country looks to rebuild following the pandemic, improving cyber defences is an absolute priority.
Why the public sector?
Unfortunately, many public sector bodies don’t have the resources to inject the increase in IT spend needed to protect them. For instance, the 2017 WannaCry ransomware attack on the NHS was made possible by using outdated Windows operating systems and cost taxpayers £92 million.
This comes at a time of massive cybersecurity skills shortage, with most of the top talent likely to be snapped up by more lucrative offers from private-sector competitors, which are also having trouble finding and hiring enough talent. The most recent Cyber Security: Skills in the UK Labour Market report found that over 54% of UK businesses lacked the skills or confidence to perform basic cyber security tasks.
How to safeguard the network: multi-layered cybersecurity
In such a complex landscape, legacy approaches to cybersecurity will no longer suffice. Instead, the public sector needs to adapt fast, and crucially needs to understand that cybersecurity today is boundless. The idea behind a layered cybersecurity model is simple: the more obstacles you place in front of an attacker, the better your chances are to stop them before your network is compromised. But there are modern and proactive approaches to this strategy, as well as expensive and traditional models.
However, the first layer of any cybersecurity approach is security awareness, and all organisations should prioritise giving employees a thorough education on modern cyber threats and safety procedures. You could have the most advanced cybersecurity processes in the world, but if an attacker convinces one of your workers into giving up their credentials, it will all count for nothing.
Therefore, it’s crucial to educate employees about phishing and other attacks that exploit human behaviour. However, while educating employees on best practices is likely to limit the chances of suffering a phishing attack, without a truly layered approach, organisations will continue to be sitting ducks.
Eight steps to sound cybersecurity
Here are eight key steps to implement to strengthen an organisation’s defences:
- Network security – Physical and virtual firewalls make up the backbone of any sound cybersecurity posture and help safeguard against large volumes of common attacks.
- Real-time sandboxing – To inspect suspicious files that firewalls don’t have a known signature to check against. This is essential to capture and block constantly evolving strains of malware.
- Zero-trust security – To prevent unauthorized users from accessing and moving through a public sector network and gives trusted users only access to what they need.
- Strong authentication – Including two-factor authentication (2FA), and identity and access management (IAM), to verify users and devices. Even strong passwords alone are not enough.
- TLS/SSL inspection solutions – To conscientiously and responsibly decrypt, inspect and re-encrypt malicious files hiding within SSL and TLS traffic.
- Cloud application security – To discover, manage and defend the slew of SaaS apps used today.
- Mobile and remote access security – To permit long-term access to networks, applications and information from remote locations.
- Email security solutions – To protect against targeted phishing, email compromise, and other social engineering attacks that see the criminals impersonating legitimate personas.
Know your organisation
Ultimately, every organisation is different, and there is no ‘one size fits all’ approach for creating a strong cybersecurity posture. While the above steps will help the public sector form a strong bedrock, each network will need its own analysis to protect itself from threats.
Finally, it’s important to stress that while technology has helped us enormously in the fight against cybercrime, there will always be vulnerability without implementing processes to ensure policies are being adhered to, monitored, and enforced across the board. Executing a modern layered security strategy in a unified, harmonised, and un-siloed environment is far and away the best strategy to keep public sector networks safe.