Public sector as a target for cyber attacks

The public sector as a target for cyberattacks

The following are just a few examples of the challenges that digitisation poses to public institutions and authorities: millions of sensitive personal data are vulnerable, legal security regulations require compliance, the ever closer networking of public bodies, authorities, offices and the high relevance of fast administrative processes to the satisfaction of citizens.

"Local authorities hit by 800 cyber attacks every hour"

source: computerweekly.com, 3rd Oct 2019

Digitisation of administration: between opportunity and risk

In public administration (state authorities, district offices and municipalities), sensitive personal data is stored, including

addresses,
marital status and religion,
ID card numbers and identification numbers (e.g. tax numbers).

This data is particularly valuable for attackers since it can be used to capture complete identities.

The digitalisation of public institutions and authorities is in full swing:
Public administration has become increasingly networked in recent years. If one system is broken into, it can also be "poached" in systems of other administrations and malware can spread extensively and fast.

"Local authorities hit by 800 cyber attacks every hour"

Local authorities and councils in the UK have reported being hit by more than 263 million cyber attacks in the first six months of this year [..]

Source: computerweekly.com/news/252471771/Local-authorities-hit-by-800-cyber-attacks-every-hour

The electronic offer to citizens or communication with authorities via online portals has been significantly expanded in recent years. In some cases, only the electronic way of submitting data is still offered.

In many areas, however, the modernisation of computer and operating system equipment has not yet been completed. Until then, there are still weak points which, if patches are not applied, become a gateway for hackers. Authorities are obliged to comply with the legal provisions of the data protection regulations (e.g. GDPR in the European Union, APP - Australian Privacy Principles) and individual country-specific standards for cyber security, e.g. the Essential Eight Maturity Model in Australia. In addition, in various countries, eGovernment laws are in place which regulates the duties of the authorities and requires protection concepts and mechanisms for their digital systems.

Why is the public sector particularly lucrative for attacks?

In public institutions, numerous extremely sensitive personal data are stored in electronic files
Administrative procedures are becoming increasingly digital
The information offers profit-oriented cyber organisations a lucrative breeding ground for data manipulation, identity theft and misuse
The confidentiality of data and information, e.g. in police and ministries

What are the requirements regarding data processing and data security?

Interface control or device control to external storage media such as USB sticks

Ensuring the integrity and encryption of personal data

Prevention and response to attacks

Secure authentication and authorisation procedures, e.g. two-factor authentication and integration of existing user directories (Active Directory)

Monitoring and logging of all accesses and changes in the system

Sensitisation of employees and avoidance of human misconduct

How can DriveLock be used for effective prevention?

Interface control or device control to external storage media

Device Control from DriveLock:

Data medium control and data flow control (only authorised use of external media such as USB sticks). Forced encryption of the data written to the external data carrier is also possible.

DriveLock also supports full auditing of external media usage and logging of data flow, including shadow copies.
Ensuring the integrity and encryption of (personal) data

Encryption from DriveLock:

Transparent and fast hard disk encryption,
Reliable directory and file encryption,
Encryption of removable media such as USB sticks, CD/DVD or mobile hard disks,
BitLocker Management
Prevention and response to attacks

Application Control from DriveLock:

Application control with intelligent whitelisting, i.e. a positive list of permissible software applications that can be dynamically expanded.

Endpoint Detection & Response (EDR):

Detection and forecasting of security incidents, incident response and remediation, endpoint monitoring
Secure authentication and authorisation procedures, e.g. two-factor authentication and integration of existing user directories (Active Directory)

DriveLock SmartCard Middleware:

Provision of a smartcard middleware for cost-effective use of smartcards (also for new versions). Thus, access/access control and multi-factor authentication can be realised cost-effectively.
Monitoring and logging of all accesses and changes in the system

DriveLock Analytics & Forensics:

Monitoring: Logging and detection of security-relevant events,
Transparency: Extensive reporting and analysis of the security level of the system environment
Sensitisation of employees and avoidance of human misconduct

Security Education from DriveLock:

IT security training and sensitisation of civil servants and employees in the civil service/creation of security awareness to protect against fake emails or phishing attacks.

DriveLock Zero Trust Platform

How authorities can protect themselves against cyberattacks

The public sector targeted by attacks and obligated to regulation compliance

The public sector as a target for cyberattacks

"Local authorities hit by 800 cyber attacks every hour"

Digitisation of administration: between opportunity and risk

"Local authorities hit by 800 cyber attacks every hour"

Why is DriveLock the right partner?

Why is the public sector particularly lucrative for attacks?

What are the requirements regarding data processing and data security?

How can DriveLock be used for effective prevention?

Device Control from DriveLock:

Encryption from DriveLock:

Application Control from DriveLock:

Endpoint Detection & Response (EDR):

DriveLock SmartCard Middleware:

DriveLock Analytics & Forensics:

Security Education from DriveLock:

Have questions about our DriveLock solutions for the public sector

Contact Us

DriveLock Zero Trust Platform

How authorities can protect themselves against cyberattacks

The public sector targeted by attacks and obligated to regulation compliance

The public sector as a target for cyberattacks

"Local authorities hit by 800 cyber attacks every hour"

Digitisation of administration: between opportunity and risk

"Local authorities hit by 800 cyber attacks every hour"

Why is DriveLock the right partner?

Why is the public sector particularly lucrative for attacks?

What are the requirements regarding data processing and data security?

How can DriveLock be used for effective prevention?

Device Control from DriveLock:

Encryption from DriveLock:

Application Control from DriveLock:

Endpoint Detection & Response (EDR):

DriveLock SmartCard Middleware:

DriveLock Analytics & Forensics:

Security Education from DriveLock:

Have questions about our DriveLock solutions for the public sector

Contact Us

DriveLock News Service