The public sector must defend against all threats, whereas many in the private sector mistakenly believe they need only be safe enough to deter intruders. The state cannot use that excuse.
FREMONT, CA: While many in the private sector believe (sometimes wrongly) that they need only be safe enough to divert attackers toward easier targets, the government must defend against the complete spectrum of dangerous actors. Being merely a harder target than the next organization is not an acceptable defense for the public sector. Cybersecurity is a daunting task for government organizations because they face attacks from threat actors of all levels of sophistication using various techniques and tactics, whether they are nation-states seeking intellectual property or criminals seeking money or personal identification information.
Cybercrime and advanced persistent threats (APT) collide in the public sector. The term APT suggests a higher level of sophistication and a deliberate, targeted approach to attacks. Increasingly, cyber thieves are putting a lot of effort into reconnaissance and weaponization. Because they have made so much money from ransomware over the years, they can afford to treat that effort, weaponization in particular, as a real investment. Because APTs and other forms of cybercrime are converging, the term "advanced persistent cybercrime" (APC) has been coined.
In 2022, aggressive attack code will worry the public sector. As an example, ransomware operations have also contained wiper malware. Wiper malware, whose primary function is destruction, is also known as "killware." Because of cyber criminals' inventiveness, I think they'll merge these two. To send a clear statement that they mean business, some cyber criminals use killware as a preemptive strike before extorting a ransom to keep the rest of the systems safe. Operational technology (OT) and the public sector will also be affected by these methods.
If an exploit has been around for a decade and still works, cybercriminals will continue to use it because it remains cost-effective for them to do so. Even huge enterprises and governments that do an excellent job of protecting themselves with security updates will have to stay closer to the cutting edge of newly identified vulnerabilities. Virtual patching may be necessary in some instances.
Infrastructure is another thing to keep an eye on. There is now a unified attack surface. Many previously unreachable sectors have become exposed to cyberattacks now that all systems are intertwined. For example, in the oil and gas industry, contemporary remote terminal units (RTUs) in the field are increasingly connected via the internet and 5G. Then there's satellite broadband, which is becoming more commonplace.