SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Surge in cyberattacks on public sector spotlighted by KnowBe4 report
Wed, 24th Jan 2024

The world's largest security awareness training provider, KnowBe4, has released a report, revealing a significant rise in cyberattacks on the public sector during 2023. The most striking increase was recorded in the Asia-Pacific (APAC) region which accounted for 31% of global cyberattacks this year, a sharp 22% rise from 2022.

According to the report, criminals exploit government agencies and public sector services for the wealth of personal data they retain. The findings suggest a shift in the pattern of cybercrime towards these sectors: attacks against government agencies and public sector services increased by 40% in the second quarter of 2023 compared to the first.

Specifically, instances of ransomware attacks, where cybercriminals encrypt vital data and demand payment for its release, rose dramatically. Government agencies and legal practices witnessed a startling 95% spike in ransomware attacks in the third quarter of 2023. Globally, ransomware incidents were also up by 95% in the third quarter of 2023 compared to the same period in the previous year.

The impact of a successful attack is harmful and costly: the report suggests that the cost of a data breach has risen by 15% over the past three years. One emerging trend contributing to this significant financial and data loss is the adoption of Generative AI by cybercriminals. This technology assists in creating sophisticated social engineering attacks, where criminals trick individuals or organisations into divulging sensitive data or breaching security protocols.

In this digital age, social engineering attacks such as phishing, vishing, spear phishing, and smishing continue to be the most popular methods of gaining unauthorised access to systems and initiating attacks. As a result, a strong emphasis on employee education about cyber threats is critical, the report suggests.

"It is an undeniable fact that employees, the last line of defence, can inadvertently become the weakest link in the security chain. Through proper training initiatives, this cost-effective and straightforward approach can effectively counteract social engineering tactics," commented KnowBe4's CEO, Stu Sjouwerman. Emphasising the importance of a robust security culture in the face of increasingly sophisticated attacks, he added: "the continuous reinforcement of a strong security culture is an indispensable tool for enduring digital defence and operational continuity."

The full KnowBe4 report, examining cybercrime trends on a global scale as well as breaking it down by specific countries and regions, and suggesting possible defenses, brings attention to this growing cyber threat. The role of the public sector in safeguarding invaluable individual data is vital and, in the face of increasingly sophisticated cyber threats, calls for an increased emphasis on security awareness.