TECH TRENDS
Government agencies can prevent cyberattacks through good cybersecurity hygiene and employee education
In the post-pandemic climate , most governments have had to adapt and digitalise . However , this has led to an onslaught of cyberattacks . Wissam Saadeddine , Senior Manager – MENA at Infoblox , provides insight into how government agencies can battle these threats and changes .
Wissam Saadeddine , Senior Manager – MENA at Infoblox
While working in the public sector and private sector have many differences , one characteristic is similar : cybersecurity and threats .
Both sectors feel the pain of not having a sufficient community of trained and available security staff to hire , both are constant targets of phishing and related social engineering attacks and both are trying to balance the threepronged attacks of the pandemic , the relocation of employees to work-from-home status and increased risks from attacks on cloud assets .
The current pandemic is having a major impact on all levels of government . Aside from the financial impact the pandemic is having on the private sector , government IT professionals also are facing the following challenges :
• Workers are being required to work from home
• IT and security staff must provide WFH employees with new equipment , which has major implications for IT budgets
• Users are connecting to government networks from untrusted and often compromised home networks
• Users are employing personal equipment and IoT devices to connect to government networks and clouds that might not be secured to the governmental agency ’ s security standards
However , governments have other concerns as well . targeted , the effect could impact critical infrastructure at all levels .
The COVID-19 effect of draining critical financial resources to fund purchases of hardware and software for newly displaced employees , plus expenses for significant increases of cloud services and , in some cases , a forced Digital Transformation from on-premises data centre to cloud-based assets , is putting a strain on both financial and staffing resources .
From the citizenry perspective , the pandemic has opened the proverbial Pandora ’ s box of fake ‘ official ’ websites devoted to COVID-19 , misinformation from websites purporting to be the Centre for Disease Control and Prevention and other government and medical facilities that are actually watering holes for malware and ransomware attacks on hospitals delivered in emails purporting to be information about COVID-19 .
A joint advisory group from US and UK security agencies was also formed to protect the intelligence communities from becoming victims of attacks , particularly from advanced persistent threats from groups targeting individuals and organisations with malware .
In March 2020 , Infoblox observed a malicious spam ( malspam ) email campaign that used a fraudulent COVID-19 alert from the World Health Organisation ( WHO ) to deliver Trickbot banking malware .
Government operations potentially can impact much larger groups of people than a corporate attack . Depending on the government entity
We also observed a series of campaigns using COVID-19 themed spam emails to distribute the Agent Tesla information stealer ( infostealer ).
14 www . intelligentcxo . com