Although every organization and individual are a potential target for cyberattacks, the SLED (state, local, and education) market faces a much greater risk as compared to other avenues. As state and government agencies and educational institutions are high-profile targets with tons of sensitive data and typically very limited cybersecurity skills and resources, they are more easily susceptible to any cyber breach or intrusion.
SLED organisations are under virtually constant siege, and there are reports of cyberattacks against government and educational targets weekly. According to Lok Sabha data, a total of 160,560 Indian websites, including 812 government websites were hacked between 2016 and 2021. This renders 73 websites being hacked every day. Notably, government websites accounted for only 0.5 per cent (812) of the total websites targeted. With 28,897 cyberattacks, including 186 compromised government websites, 2021 reported the highest number of such incidents in the last four years.
While attacks against SLED organizations are increasing, they are by no means a new issue. There have been a number of significant attacks over the years. Earlier this year, the personal data of thousands of Indians were leaked from a government server that was accessible through online search. The leaked data was put on sale on the Raid Forums website where a cyber criminal claimed to have the personal data of over 20,000 people. The data showed names, ages, gender, mobile number, address, date and results of Covid-19 reports of these people.
Government agencies and educational institutions are embracing technology to streamline access to information and services. Many schools and municipalities provide free broadband and/or Wi-Fi as well. Digital transformation yields a variety of benefits but also exposes organizations to increased risk of data theft and cyberattacks.
Government agencies of all types — including police departments, county offices, state agencies, and more — as well as school districts and colleges are prime targets for ransomware attacks. As employees and students stayed home and accessed resources remotely during the pandemic, these technologies and services became more crucial and more vulnerable at the same time.
Cyber criminals have an array of tactics, techniques, and procedures (TTP) to employ in attacks. Email attacks and website attacks are fairly ubiquitous and provide threat actors with the means for simple, automated, high-volume, low-cost attacks.
To help protect organizations against cyberattacks and ransomware attacks, organisations must have multi-layered protection. Over 90% of attacks start with a phishing email, SLED organizations need tools in place to stop email-based attacks before they get to the inbox and protect against fraudulent email scams with AI-powered email protection. They also need to protect applications and devices from web-borne threats such as DDoS or zero-day vulnerabilities with the next-generation Web Application Firewall (WAF). Finally, it is important to stay current with a secure data protection solution that can back up critical data and implement disaster and recovery capabilities.
By: Parag Khurana, Country Manager, Barracuda Networks India