December 02, 2021 // Isa Jones // Last Updated: June 01, 2022
Hacks continued to make headlines and disrupt multiple aspects of daily life in 2021, from gas consumption to meat production and more. Hacks also evolved. Ransomware amounts reached new, staggering levels ($102.3 million per month), and hackers grew smarter, targeting weak critical access points to gain entry to government entities, critical infrastructure, and other highly valued organizations.
The government was not immune from these attacks. In fact, one of the bigger hacks of 2020, the SolarWinds breach, reached various parts of the government, including, notably, the Cybersecurity and Infrastructure Security Agency at Homeland Security. It’s possible, based on an NPR report, that the hack purposefully targeted dot gov customers of SolarWinds. The response to this major attack was swift, with the Biden administration handing down sanctions on Russia, which it believed was responsible. In addition, this hack might’ve been the attack that changed cyber warfare, as cybersecurity became a major part of Biden’s infrastructure goals and bill.
Hacks on government entities occurred often and globally throughout the year, with attacks big and small. For example, a group found a vulnerability in the FBI email system and sent out fake emails to thousands. The attack itself was harmless, but the fact that apparent amateurs found the vulnerability speaks to how insecure many systems are.
The Biden administration has decided it is done with reactive cybersecurity, opting instead to invest in better protections against future cyber attacks.
In addition to the Executive Order on Improving the Nation’s Cybersecurity issued in May, the Infrastructure Bill, formally named the Infrastructure Investment and Jobs Act, has $1.9 billion set aside for cybersecurity. All of that money is targeted to help government entities prevent the next devastating headline hack. There will be a $1 billion grant program to assist state, local, tribal, and territorial governments in modernizing their cybersecurity systems and protecting their most valuable assets. Another major part of the bill is the Cyber Response and Recovery Act of 2021, which allocates $100 million for fast responses to any future cyber attacks. A new office, the Office of the National Cyber Director, will also be created with some of the funds to support the government’s essential cybersecurity missions. While those are the major steps, there are also minor ones, such as money for cloud security, money for industrial control systems security, and dollars for helping governments transfer domains to dot gov.
Yes, and no. Until now, government entities have relied on vendor reputation, an “it won’t happen to me” mentality, and outdated models of security to keep them not-so-safe. So, any improvements are better than nothing, especially when those improvements involve $2 billion. That being said, it’s always a matter of when, not if, with regard to a cyber attack. Hackers continue to gain skill, and with more entities connecting with each other every day, the number of doors a hacker could unlock keeps growing. However, past hacks highlight vulnerabilities and illuminate a path forward. Third parties continue to be the highest risk point for many organizations, and government entities continue to hold valuable assets that make them a major target for bad actors and cyber espionage.
Here are a few proactive strategies all organizations can employ:
Securing critical access points
Hackers can’t gain entry unless they find a lock they can pick. Gone are the days of castle-and-moat defenses for organizations. Instead, every critical access point (any point of access that leads to a highly valued asset) needs to be fully secured to prevent an attack. Critical access management, which utilizes industry-proven best practices to keep every access point secure, is the best option for an organization.
Investing in third-party management
51% of breaches are third-party data breaches, and if there’s one item government entities have a lot of, it’s third-party connections. You may trust your vendor, but should you? Protecting these points of connection can protect valuable assets, systems, and access points. Organizations should invest in a third-party solution that manages user access rights, employs access control, observes sessions, and analyzes user behavior.
Utilizing access governance to build a robust access policy
Access governance, or the systems and processes that make sure access policy is followed as closely as possible, is crucial for building a strong access management and overall cybersecurity plan. This technique involves using role-based access control, employing least privilege access to create granular user access, and auditing access periodically. Every aspect of access governance needs to be employed to keep your critical access points secure.
Trusting no one
Trust sounds good, but can be a fatal flaw when it comes to cybersecurity. From internal users to third parties, no one should be trusted when an organization’s most critical access points and assets are involved. Employing Zero Trust Network Access ensures that no user has access they shouldn’t, and that every user, regardless of role, trust, or status, has to adhere to the same tightly controlled access policies.