In nearly every part of the world, people associate the word ‘government’ with order. Government services bring societal order, economic stability and security at all levels. However, the past decade of data breaches has challenged this. Federal and local governments battle worldwide breaches and cyber attacks. Data security flaws have been so pervasive in public sectors that costs that come with a data breach have risen nearly 79% year over year

How Does a Government Data Breach Happen?

Several years ago, the idea of governments falling victim to cyber attacks was hard to imagine. The public and governments had high standards for maintaining security governance and strict data compliance. However, the public sector includes multiple government services. (Look at the military, law enforcement, infrastructure management, public transit and educational facilities.) So, there is no shortage of digital footprints that threat actors can try to exploit.

In local and federal governments, a data breach involves any incident where attackers access or distribute confidential or protected information. Data breaches can occur through both physical and digital means. Attackers often combine them with various forms of cyber attack. (Think phishing schemes, ransomware attacks, viruses, malware and other malicious software.) Data breaches can expose confidential records, social security numbers, financial information and other sensitive details. Meanwhile, strict privacy laws often protect these in public sectors. 

Well-Known Government Data Breaches

Sadly, cyber attacks and data breaches impacting the public sector have become more and more common over the years. Now, governments invest a lot in their cybersecurity programs in response to the growing surge of attack variants targeting them.

In 2015, attackers compromised the personal credentials of over 190 million voters from the U.S. Voter Database, including their names, addresses, party affiliations and other private contact information. Misconfigured voter databases allowed this sensitive information to be easily displayed to anyone surfing the web. There are still some competing theories as to how this leak was caused, including Russian threat actors. The fact remains that the owners of the database did not manage the digitization of private records securely enough. This opened the door to a number of data compliance issues.

On May 7, 2019, an attacker hit the government of Baltimore’s networked systems with a new variant of ransomware, holding all servers with the exception of essential services up for ransom. Attackers compromised hundreds of thousands of people’s personal information. This was possible due to poor IT practices and an inadequate technology budget or cyberattack insurance policy.

Most recently, in December of 2020, the U.S. federal government faced the worst data breach the U.S. ever saw due to the sensitivity of the information accessed and the duration of the breach. It also impacted NATO, the U.K. government, Microsoft and the European Parliament. The data breach was not detected for months, giving the attackers access to tens of thousands of people.

How Much Does a Government Data Breach Cost? 

A government data breach can lead to a major financial loss. They also have grown larger over the years. According to the Cost of a Data Breach Report 2021, sponsored, analyzed and published by IBM Security, the total global cost of data breaches in public sectors rose nearly 79% between 2021 and 2020. That’s a total average data breach cost of $1.93 million. The public sector still represents a much smaller percentage of industries impacted by data breaches. However, the aggressive year-over-year growth of related costs is starting to show how important cybersecurity projects have become. 

The Risks and Challenges of Data Security in Government 

Today, government entities face an uphill battle when combating the growing surge of cyber espionage and extortion. Now more than ever, the public sector needs to focus on its security hardening measures across all infrastructure layers. At the same time, the sector also needs to maintain adequate budgets to support its data governance and disaster recovery efforts.

Government entities now have a much more pronounced digital target on their backs. A new generation of attackers happily accepts the high-risk-high-reward aspect of data breaches within public sectors. So, local and federal governments must execute thorough vulnerability analysis assessments. They should take a comprehensive look at database configurations and their data privacy compliance. 

Very few industries are immune to the financial impact data breaches can have. 2021 has also taught us that attackers have sharpened their focus on the public sector. This creates a sense of urgency for local and federal governments. They need to stay up to date in all areas of their security while keeping data privacy and protection top priorities.

More from Application Security

Audio-jacking: Using generative AI to distort live audio transactions

7 min read - The rise of generative AI, including text-to-image, text-to-speech and large language models (LLMs), has significantly changed our work and personal lives. While these advancements offer many benefits, they have also presented new challenges and risks. Specifically, there has been an increase in threat actors who attempt to exploit large language models to create phishing emails and use generative AI, like fake voices, to scam people. We recently published research showcasing how adversaries could hypnotize LLMs to serve nefarious purposes simply…

Mapping attacks on generative AI to business impact

5 min read - In recent months, we’ve seen government and business leaders put an increased focus on securing AI models. If generative AI is the next big platform to transform the services and functions on which society as a whole depends, ensuring that technology is trusted and secure must be businesses’ top priority. While generative AI adoption is in its nascent stages, we must establish effective strategies to secure it from the onset. The IBM Institute for Business Value found that despite 64%…

Web injections are back on the rise: 40+ banks affected by new malware campaign

8 min read - Web injections, a favored technique employed by various banking trojans, have been a persistent threat in the realm of cyberattacks. These malicious injections enable cyber criminals to manipulate data exchanges between users and web browsers, potentially compromising sensitive information. In March 2023, security researchers at IBM Security Trusteer uncovered a new malware campaign using JavaScript web injections. This new campaign is widespread and particularly evasive, with historical indicators of compromise (IOCs) suggesting a possible connection to DanaBot — although we…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today