Defending government and education organizations against cyberthreats

Every organization and individual is a potential target for cyberattacks, but the SLED (state, local, and education) market faces heightened risk. State and local government agencies and educational institutions are high-profile targets with tons of sensitive data and typically very limited cybersecurity skills and resources.

Major SLED cyberattacks

SLED organizations are under virtually constant siege, and there are reports of cyberattacks against government and educational targets weekly. TechTarget reports that there has been at least one instance of a town, county, or state government falling victim to a ransomware attack every month in 2022.

While attacks against SLED organizations are increasing, they are by no means a new issue. There have been a number of significant attacks over the years.

1. U.S. voter database

In late 2015, a database of 191 million U.S. voters was exposed thanks to improper configuration leaving it freely accessible from the public internet. The database contained personally identifiable information (PII) on the voters from all 50 states and the District of Columbia, including names, dates of birth, political party affiliation, email addresses, mailing addresses, and more.

2. OPM breach

The U.S. government is the largest employer in the nation, and the Office of Personnel Management (OPM) is tasked with managing and maintaining the data for government employees and contractors, as well as personal information for civilian federal agencies. In 2015, OPM suffered two related intrusions that affected an estimated 21.5 million individuals.

3. Texas government attacks

Threat actors launched broad, coordinated attacks in 2019 that took 23 different Texas towns offline. The attacks targeted small local governments with a ransomware attack. Texas authorities declined to name which towns were affected and vowed to get them back online without paying the ransom, but the attacks demonstrate how vulnerable local governments can be, and emphasize the impact it has on citizens when basic government services and functions are unavailable.

4. Baltimore ransomware attack

Baltimore was hit with a ransomware attack in 2019 that brought the city to a halt. The city refused to pay the $80,000 ransom demand — both on principle and at the direction of the U.S. Secret Service and FBI. Restoring data and recovering systems took the city months and ultimately cost Baltimore taxpayers more than $18 million from remediation, new hardware, and lost or deferred revenue.

5. Lincoln College

Lincoln College, an HBCU institution founded in 1865, announced this year that it is closing permanently due — in part — to a ransomware attack suffered in late 2021. The school was already struggling from decreased enrollment in response to the COVID-19 pandemic, but the ransomware attack blocked access to critical systems and data and prevented the school from recruiting or enrolling students and impeded fundraising efforts.

Digital transformation

These are just a few high-profile examples from an endless list of similar attacks. SLED organizations have always faced cybersecurity challenges, but the trend of digital transformation and the fallout of the COVID-19 pandemic have made things exponentially more complicated.

Government agencies and educational institutions are embracing technology to streamline access to information and services. Many schools and municipalities provide free broadband and/or Wi-Fi as well. Digital transformation yields a variety of benefits but also exposes organizations to increased risk of data theft and cyberattacks.

Rising risk of ransomware

Government agencies of all types — including police departments, county offices, state agencies, and more — as well as school districts and colleges are prime targets for ransomware attacks. As employees and students stayed home and accessed resources remotely during the pandemic, these technologies and services became more crucial and more vulnerable at the same time.

Things that were a convenience have become a necessity for many people. Threat actors have capitalized by ramping up cyberattacks — particularly ransomware attacks — because they know victims will be more likely to pay the ransom out of desperation to get critical systems back online.

Defending against cyberattacks

Cybercriminals have an array of tactics, techniques, and procedures (TTPs) to employ in attacks. Email attacks and website attacks are fairly ubiquitous and provide threat actors with the means for simple, automated, high-volume, low-cost attacks.

In fact, over 90% of attacks start with a phishing email — tricking individuals into installing or executing malware or disclosing login credentials and other sensitive information. In order to protect your organization against these malicious threats, you need to find ways to efficiently detect them, block them, and recover from them — all while working with limited IT resources and constrained budgets. Limited resources make it essential to have security that is simple and provides visibility and management from a single pane of glass.

SLED organizations need tools in place to stop email-based attacks before they get to the inbox and protect against fraudulent email scams. They also need to block inappropriate content and applications and protect devices from web-borne threats.

How Barracuda can help

Barracuda provides comprehensive solutions for email protection, application and cloud security, network security, and data protection that are easy to buy, deploy, and use. Barracuda’s complete family of solutions works seamlessly together to help protect organizations against cyberattacks and help you detect, prevent, and recover from ransomware attacks.