In Africa, there has been a proliferation of cyberattacks on state-owned organisations, such as transport and critical infrastructure, in the past 18 months, indicating the public sector is a lucrative target.

According to cyber security solutions company Check Point Software, while the pace of transformation may vary from country to country, the public sector as a whole is gradually becoming more digitally mature. However, government departments are often late adopters, and bad actors are taking note.

Check Point Software’s 2021 Mid-Year Cyber Attack Trends Report highlights just how prevalent attacks on public sector organisations have become during the pandemic. Globally, government organisations are now one of the most popular targets for bad actors, second only to those in the education and research sectors.

Of the 93% increase in global cyberattacks reported by Check Point from 2020-21, many of them are being orchestrated against public-owned entities.

Public sector slow to respond 

“In Check Point Software’s experience with public sector organisations in South Africa and the rest of the continent, cybersecurity is top of mind at the senior level and in the relevant information technology departments, but this urgency does not always reflect in the supply chain on the deployment of cybersecurity solutions. This lack of urgency is compounded by delays due to lengthy procurement processes, which have been intensified by the COVID-19 pandemic,” says Pankaj Bhula, Regional Director: Africa, Check Point Software Technologies.

As the cybersecurity landscape evolves quickly, by the time the cybersecurity solutions are signed off on, if at all, the technology is too outdated to manage current threats, leaving public sector organisations vulnerable.

“In addition, there appears to be a lack of awareness and accountability of the consequences of an attack on the public sector in the Africa region which potentially can bring any country’s critical infrastructure to a standstill and threaten the safety of its citizens. The public sector is there to serve, and does not have the same fallout of reputational damage and financial loss as in the profit-driven private sector to motivate for cybersecurity as a top priority,” adds Bhula.

In South Africa, there has been some progress on increasing the speed of cybersecurity implementation in the public sector. A transversal tender for cybersecurity only has been put forward by the country’s government, which can cut down on time on sourcing suppliers and pricing quotations, Check Point Software adds.

President Cyril Ramaphosa also signed the Cyber Crimes Bill into law this year, which brings South Africa’s cybersecurity laws in line with the rest of the world. The challenge lies in investigating offences and enforcing this law, particularly in the public sector.

Public sector now regarded as a high-value target by bad actors

The public sector might serve up easier targets than the private sector due to outdated technology, slow uptake on cybersecurity practices and solutions, inadequate education, or a combination of these factors but is it lucrative enough to attract cybercriminal organisations?

Check Point Software asserts that data has value. It can therefore be extorted or sold for profit. If a group of bad actors was to steal thousands of people’s credit card details by hacking into a private organisation such as a bank or online retailer, they’d fetch around US$20 (R300) plus per record if auctioned off on the dark web. If, however, the same group were to attack a public healthcare entity and steal individuals’ medical information, their potential profit would soar and net them more than US$480 (R7 500) per record. And that’s not even considering the amount they could extort from the public sector targets themselves. This isn’t helped by the fact that public sector organisations are often comprised of siloed data behemoths, so if a malicious actor is able to exploit a gap in their defences, the “payouts” are often huge.

With a threat landscape that’s currently outpacing many private organisations’ capabilities, governments need to start thinking very carefully about their cybersecurity budgets, how quickly their security solutions are implemented, and how they can increase their risk posture in 2022 and beyond.

Check Point advocates specific steps organisations could take, including preventing advanced persistent threats and zero-day attacks; continuous monitoring and diagnosis, and cross-device security.