Trustwave SpiderLabs exposes unique cybersecurity threats in public sector

May 14, 2024
The public sector faces a unique cybersecurity challenge due to a combination of factors.

Chicago – May 14 – Trustwave, a leading cybersecurity and managed security services provider, today released a comprehensive report titled "2024 Public Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies." The research dives deep into the distinct cybersecurity challenges facing the public sector and offers actionable insights and strategies for cybersecurity leaders to strengthen their defenses.

Cyberattacks threaten the stability and security that governments provide. Robust cybersecurity is essential to safeguard sensitive data and ensure the smooth operation of critical services citizens rely on, from national defense to infrastructure. Breaches can erode public trust, disrupt daily life, and even endanger lives in the case of attacks on critical infrastructure.

"The public sector continues to be a strong focus for highly motivated criminals, hacktivists, and nation-state-sponsored organizations," said Trustwave Global CISO Kory Daniels. "Breaches in the public sector extend beyond financial loss; they can be highly coordinated, malicious, multi-pronged digital and physical attacks. We've observed successful attempts to disrupt critical systems and services while disorienting operations that citizens rely on every day. This includes telecommunications, healthcare, trademark and patent systems, transportation, citizen PII data, law enforcement, and national security. A successful attack can shake the very foundations of society, erode trust in government, and create a climate of fear and uncertainty."

Trustwave SpiderLabs' latest research delves into the attack flow employed by threat groups, shedding light on their tactics, techniques, and procedures. The public sector faces a unique cybersecurity challenge due to a combination of factors including legacy systems, prioritizing public service over security, fragmented IT infrastructure, vast amounts of sensitive data, siloed information, limited budget resources, complex regulations, and being a target for international actors.

"It's particularly concerning how geopolitical motivations tap into the digital realm to perform espionage leveraging deepfakes, social media manipulation, and election interference,” continued Daniels. “As citizens, we entrust the government with vast amounts of our personal information, which is why public-private partnership is critical for defending individuals, businesses, and the government itself."

The Trustwave SpiderLabs report analyzes threat groups and their methods throughout the attack cycle, from initial foothold through to exfiltration. To ensure comprehensive coverage, the report examines cybersecurity challenges facing the public sector globally, encompassing government institutions and essential public services, a few key findings from the report include:

  • Phishing is a leading threat in the public sector, responsible for a staggering 80% of initial access gained by attackers.
  • 43% of ransomware attacks in the public sector were carried out by LockBit 3.0, with Medusa and Play accounting for 13% and 12%, respectively.
  • Local governments are the most vulnerable public sector entities to ransomware attacks, accounting for 60% of incidents.

To access the full Trustwave SpiderLabs threat report, "2024 Public Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies", please click here.