How can the Public Administration Sector Combat the Onslaught of Hacking?

Verizon’s 2016 Data Breach Investigations Report, released in late April 2016, has revealed just how good hackers are getting at breaking in, stealing data, and making their escape without being detected.

The study found that in 93 percent of cases, hackers were able to compromise a victim’s system in “minutes or less.” In 28 percent of cases, the hackers were also able to transfer data about their victims within minutes.

Most of these attacks come in the form of “phishing,” when victims receive an email designed to look like it has come from a trusted source, but that in fact contains malicious code or links designed to attack your system. As much as you can try to educate system users, hackers get more and more sophisticated each day and it only takes one person or one wrong click to compromise your entire system.

Learn More: Federal Government Capabilities Statement

Federal Employees at Risk: Targets for Criminals

Verizon’s report identified 64,199 security incidents in 2015 across 82 countries and a wide variety of industries. Nearly three out of four of these incidents—74 percent—targeted victims in the public administration sector.

While virtually all Internet users are susceptible to hacking, federal employees are an especially attractive target for organized criminals and nation-states that Verizon reports are the primary initiators of phishing scams.–the government holds an extensive amount of information about its employees—information government experts including Director of National Intelligence James Clapper fear foreign nations could use for blackmail, extortion or recruiting practices.

In a separate report issued by the White House in March, 2016, U.S. federal departments collectively reported 77,183 cybersecurity incidents in 2015, a 10 percent increase from 2014.

These reports reinforce that the threat landscape is going to continue to grow as hackers continually refine their breach tactics.

Delayed Recovery

And while hackers are getting better at finding and stealing the information they need in a matter of minutes—or less—it can take weeks or even months for an individual to know they’ve been victimized. According to Verizon, less than 25 percent of data breaches are discovered in “days or less,” and most are discovered by law enforcement or other third parties instead of by the person or organization breached.

While the people who build email services and the hardware they run on play a major role in protecting users from these kinds of threats, the takeaway for individuals is that once an attack has started, it’s too late. As Verizon’s researchers put it, “when you have to wait on external detection to tell you you’re popped, it’s probably too late to keep the horses in the barn.”

Continuous Identity Monitoring

With the growth in the number of incidents and the deliberate targeting of government systems, leading organizations are adding continuous identity monitoring to their cybersecurity tool kit.

Continuous identity monitoring, like crowd-sourcing for identity fraud, helps to detect breaches early on so damage can be addressed and minimized, before it spreads. It’s similar to the concept used in the financial services industry: a sudden uptick in fraud involving their customers can often determine when retail stores have suffered a breach.

You can’t take any steps to recover from a data breach if you don’t know you’re a victim. In fact, some targets go years before realizing they were victims of theft.

As hackers get better at breaking into systems and stealing information, potential victims—that is, all of us—have to be ever more vigilant to keep them out and undo the damage when they do find a way in. Continuous identity monitoring helps organizations determine when employees have been victimized early on, helping to ensure a quick recovery and minimal collateral loss.

Learn More: Federal Government Capabilities Statement