In nearly every part of the world, people associate the word ‘government’ with order. Government services bring societal order, economic stability and security at all levels. However, the past decade of data breaches has challenged this. Federal and local governments battle worldwide breaches and cyber attacks. Data security flaws have been so pervasive in public sectors that costs that come with a data breach have risen nearly 79% year over year

How Does a Government Data Breach Happen?

Several years ago, the idea of governments falling victim to cyber attacks was hard to imagine. The public and governments had high standards for maintaining security governance and strict data compliance. However, the public sector includes multiple government services. (Look at the military, law enforcement, infrastructure management, public transit and educational facilities.) So, there is no shortage of digital footprints that threat actors can try to exploit.

In local and federal governments, a data breach involves any incident where attackers access or distribute confidential or protected information. Data breaches can occur through both physical and digital means. Attackers often combine them with various forms of cyber attack. (Think phishing schemes, ransomware attacks, viruses, malware and other malicious software.) Data breaches can expose confidential records, social security numbers, financial information and other sensitive details. Meanwhile, strict privacy laws often protect these in public sectors. 

Well-Known Government Data Breaches

Sadly, cyber attacks and data breaches impacting the public sector have become more and more common over the years. Now, governments invest a lot in their cybersecurity programs in response to the growing surge of attack variants targeting them.

In 2015, attackers compromised the personal credentials of over 190 million voters from the U.S. Voter Database, including their names, addresses, party affiliations and other private contact information. Misconfigured voter databases allowed this sensitive information to be easily displayed to anyone surfing the web. There are still some competing theories as to how this leak was caused, including Russian threat actors. The fact remains that the owners of the database did not manage the digitization of private records securely enough. This opened the door to a number of data compliance issues.

On May 7, 2019, an attacker hit the government of Baltimore’s networked systems with a new variant of ransomware, holding all servers with the exception of essential services up for ransom. Attackers compromised hundreds of thousands of people’s personal information. This was possible due to poor IT practices and an inadequate technology budget or cyberattack insurance policy.

Most recently, in December of 2020, the U.S. federal government faced the worst data breach the U.S. ever saw due to the sensitivity of the information accessed and the duration of the breach. It also impacted NATO, the U.K. government, Microsoft and the European Parliament. The data breach was not detected for months, giving the attackers access to tens of thousands of people.

How Much Does a Government Data Breach Cost? 

A government data breach can lead to a major financial loss. They also have grown larger over the years. According to the Cost of a Data Breach Report 2021, sponsored, analyzed and published by IBM Security, the total global cost of data breaches in public sectors rose nearly 79% between 2021 and 2020. That’s a total average data breach cost of $1.93 million. The public sector still represents a much smaller percentage of industries impacted by data breaches. However, the aggressive year-over-year growth of related costs is starting to show how important cybersecurity projects have become. 

The Risks and Challenges of Data Security in Government 

Today, government entities face an uphill battle when combating the growing surge of cyber espionage and extortion. Now more than ever, the public sector needs to focus on its security hardening measures across all infrastructure layers. At the same time, the sector also needs to maintain adequate budgets to support its data governance and disaster recovery efforts.

Government entities now have a much more pronounced digital target on their backs. A new generation of attackers happily accepts the high-risk-high-reward aspect of data breaches within public sectors. So, local and federal governments must execute thorough vulnerability analysis assessments. They should take a comprehensive look at database configurations and their data privacy compliance. 

Very few industries are immune to the financial impact data breaches can have. 2021 has also taught us that attackers have sharpened their focus on the public sector. This creates a sense of urgency for local and federal governments. They need to stay up to date in all areas of their security while keeping data privacy and protection top priorities.

More from Application Security

What’s up India? PixPirate is back and spreading via WhatsApp

8 min read - This blog post is the continuation of a previous blog regarding PixPirate malware. If you haven’t read the initial post, please take a couple of minutes to get caught up before diving into this content. PixPirate malware consists of two components: a downloader application and a droppee application, and both are custom-made and operated by the same fraudster group. Although the traditional role of a downloader is to install the droppee on the victim device, with PixPirate, the downloader also…

PixPirate: The Brazilian financial malware you can’t see

10 min read - Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a downloader and a droppee. Operating together, these two apps communicate with each other to execute the fraud. So far, IBM Trusteer researchers have observed this…

From federation to fabric: IAM’s evolution

15 min read - In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that process (technically possible, not always advisable). But what is the next step in our evolution towards greater interoperability between our applications, services and systems?Identity and…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today