Malware and malicious insiders account for most government cybercrime costs

cyber attack

The digital age brings many benefits but it also opens to door to new and more challenging cyber security risks. Sophisticated threats within and against government agencies are increasing in frequency and severity, demanding heightened vigilance.

Australia continues to streamline government services through online portals and rely more heavily on IT infrastructure for the function of vital government systems. As a result, sophisticated threats within and against Australian government agencies are becoming increasingly commonplace.

Instances of cyberattacks on government agencies can have a significant effect on citizen confidence. They have also resulted in a large growth in cybersecurity expenditure across the Australian government and other organisations.

While this trend is not unique to this nation and cyber-based acts on government agencies across the globe are on the rise, Australia’s reliance on technology for the provision of government services means the effects of cybercrime on citizens have the potential to be incredibly far reaching.

A recent study by Accenture and the Ponemon Institute found that cybercrime is increasing in numbers and in scope. The study, which surveyed 2647 security and IT executives across 355 global organisations, found that then average number of security breaches per government agency was 190 in 2018, well ahead of the 14 experienced, on average, by private sector companies.

The study also found that for public sector organisations, the average cost of security breach rose 17 per cent in 2018 to an average of US$10.28 million per incident, up from US$9.38 million in 2017.

In the case of ransomware attacks, the cost rose to over $100,000 on average, an increase from $58,390 in 2017.

Accenture also found that instances of people-based attacks and malicious insider activity is increasing within the public sector. More than half (58 per cent) of government responders said their organisation had experienced internal security breaches in the last year and almost half (47 per cent) cited an increase in the theft of electronic devices.

The length of time it takes for public service organisations to resolve security breaches is also growing, with people-based attacks or malicious insider events taking 58 days on average. The average time it takes to resolve a ransomware attack has also more than doubled, now averaging 33 days.

As cybercriminal and cyberespionage groups continue to use destructive and disruptive malware paired with evasive techniques (like modifying permissions or how authentication is performed), the application of malicious programs could become even more targeted.

According to the study, Australian public and private sector organisations in particular are finding individual attacks more expensive, with the cost of ransomware attacks alone increasing by 44 per cent between 2017 and 2018, exemplifying the increasing sophistication of these types of attacks.

Growing instances of cybercrime has a far more dangerous consequence too – the erosion of trust and confidence. Trust is the fuel that drives the digital economy. It can strengthen an organisation’s or agencies standing with citizens and customers but can be easily lost.

In this environment, protecting sensitive data has become an essential ingredient. Crucial to the maintenance of trust is the protection of information. Worryingly though, the study found that information loss remains the most expensive consequence of cybercrime.

In response to these growing concerns, the Australian government recently launched a cybersecurity strategy which includes over $230 million worth of investments across cyber defence and responsibility.

The government must remain committed to understanding where best these funds should be targeted to protect the most vulnerable aspects of governmental organisations and infrastructure.

Surprisingly, however, the study found that the proportion of public service organisations deploying advanced security-enabling technologies actually remains quite low. The deployment of technologies such as automation, machine learning and artificial intelligence technologies delivers the largest cost savings when fully deployed.

Unfortunately less than 35 per cent of Australian organisations are currently using AI and ML technologies, and tend not to leverage advanced access and identity management technologies to enhance security measures.

Innovative technologies

While security breaches are becoming more frequent, there are concrete actions government agencies can take to better protect themselves and reduce the number and cost of security breaches. For example, they must be constantly vigilant, keep pace with the evolving nature of the threats and adopt a proactive cyber defence strategy to defeat them.

From people to data to technologies, every aspect invites risk and too often security teams are not closely involved with securing new innovations. To avoid a siloed approach to security, government agencies should consider the following actions:

  • Place greater emphasis on protecting people against phishing, ransomware and malicious insider attacks – which are increasingly prevalent.
  • Invest in innovative technologies to prevent information loss and business disruption, which are growing concerns in the wake of new privacy regulations such as GDPR and CCPA.
  • Use automation and advanced analytics to manage the rising cost of discovering breaches, which is the largest component of spend.

Only by increasing awareness of people-based threats and adopting breakthrough security technologies can government agencies protect themselves and their data against today’s cyber risks.

Fortunately, agencies don’t have to face these challenges alone. By forming innovative partnerships, the public sector will not only be better prepared to anticipate and respond to evolving threats— both online and in the real world – they will also inspire greater public trust and confidence in their ability to protect citizens and their data.

Chris McNally is government security lead at Accenture Australia & New Zealand.


Copyright © 2020 IDG Communications, Inc.

7 secrets of successful remote IT teams