Ransomware Attacks in the Public Sector

Ransomware attacks in the public sector have become increasingly common in recent years, with government agencies, healthcare organisations, and educational institutions being frequent targets. However, the public sector has always been a target for cybercriminals intent on data theft and criminal damage. This is verified by Verizon in their Data Breach Investigations Report 2020 (DBIR), with public administration being one of the most targeted industries, and ransomware being the most prevalent attack type. A report by Darktrace concurs, stating that in 2020 “local governments were the biggest target of ransomware attacks”.

Ransomware is a dangerous and insidious malware type that is becoming more prevalent across all industries. The actors behind it are also becoming more adept at extracting a ransom, not only by encrypting data but also by stealing it. Here, we look at the impact that ransomware is having on the public sector and what can be done to mitigate that impact.

Why the Public Sector is at Risk of Ransomware Attacks

It can be difficult to get information on the true extent of cyber attacks on public offices. However, back in 2019, the security vendor SolarWinds submitted a Freedom of Information request. The data returned offered some interesting insights: whilst around one-third of respondents had experienced no cyber attacks, an increasing number had experienced over 1000 targeted attacks.

Most of these attacks took the form of phishing and malware, despite traditional cyber security measures, such as firewalls and antivirus software, being in place. The research clearly shows that the public sector is on the radar of cybercriminals, and ransomware, currently a favourite malware type, is a serious threat to the sector.

Recent high-profile attacks, such as the ransomware attack on the US utility company Colonial Pipeline, demonstrate the lengths that ransomware gangs go to. In that cyber attack, data was not only made inaccessible through encryption, thus disrupting operations, but it was also stolen and used as leverage to add pressure to pay the ransom.

A report from IBM X-Force found that 59% of ransomware incidents involved data exfiltration before the encryption event occurred. Colonial Pipeline was a good target for ransomware because it performs a critical infrastructure role. Similarly, public service industries are critical infrastructure, providing important citizen services that are data-dependent: this point is not lost on ransomware gangs.

Public services such as school districts, healthcare institutions, and even local councils are all targets for ransomware attackers. A recent attack involved Ireland’s health system. The attack, suspected to be carried out by a hacking gang known as Wizard Spider, left hospitals without computers for over a week.

In a similar manner to the Colonial Pipeline attack, the hackers encrypted data and stole large amounts of information to increase the pressure to pay the $20 million (£14 million) ransom. In 2020, a ransomware attack affecting Redcar and Cleveland council ended up costing the council an estimated £10 million: the costs incurred included downtime and reductions in enforcement income.

Ransomware-as-a-Service in the Public Sector

The public sector covers a wide range of organisation types, from healthcare to local councils to policymakers and schools. The public sector therefore offers threat actors a variety of opportunities, not only to disrupt and extort but also to steal data.

Lindy Cameron, CEO of the UK’s National Cyber Security Centre (NCSC), recently said in a speech at the Royal United Services Institute (RUSI) Annual Security Lecture that the rise in ransomware was due to a “cumulative effect” as organisations failed to deal with the ever-increasing sophistication of ransomware attacks.

Public sector organisations are at risk from more sophisticated attacks that make use of Ransomware-as-a-Service (RaaS). These ransomware ‘kits’ make creating ransomware campaigns much easier: anyone who wants to get in on the ransomware act can do so for the price of a monthly fee and a cut of the ransom.

In her speech, Cameron notes that RaaS is fuelling the increase in ransomware attacks. Of these RaaS kits, some are specially designed to target the government and public sector. An example is Eking RaaS, identified by Darktrace as being used to target government services in the APAC region.

How to Protect the Public Sector from Ransomware Attacks

The DBIR points out that in 85% of data breaches a human being is involved. The human factor is evident in many cyber attack types, including ransomware: an errant click in a malicious email is often the beginning of the ransomware nightmare.

As ransomware attackers focus on data theft as well as encryption, the ‘human in the machine’ becomes ever more important as a way into an organisation. Phishing is a favourite attack vector of hackers because it works. In the latest DBIR, for 2021, Verizon points out that phishing and ransomware were again prevalent; in public administration attacks, social engineering was the preferred vector, used in 69% of breaches.

Ransomware is delivered through several routes, but, as mentioned, phishing is one of the most common. A survey using managed service provider data found that 54% of ransomware attacks began with a phishing email; poor user practices (27%) and lack of security training (26%) were the next most common issues leading to ransomware infection.

Preventing Ransomware Attacks in the Public Sector

Preventing ransomware in the public sector is about reducing risk. Security risk is reduced using a socio-technical approach, mirroring the way hackers attack the public sector and other industries through a combination of social engineering and technical vulnerabilities.

Closing off the core vectors of ransomware infection begins with an exceptional security culture, driven by delivering effective security awareness training to all staff. This is augmented by using best-of-breed security tools that meet the requirements of security standards and regulations such as ISO27001.

Ransomware attacks in the public sector are here to stay until organisations stop being infected and stop paying the ransom. In data-dependent sectors, such as public and government, the latter can be a hard choice to make. This means that structures must be put in place to mitigate the chances of a successful ransomware infection.
