The government sector, both U.S. and international, is a prime target for hackers. Attacks from organized criminals, foreign countries, political hacktivists, and others not only erode public trust in targeted government entities, but can also seriously impact government operations and the ability to deliver critical functions—not to mention the financial cost and risk to sensitive information and vital infrastructure. This all means that cyber security is a large and growing concern for governments worldwide. Increasingly, federal, state, and local governments are targets as threat actors attempt to steal or manipulate sensitive data or disrupt operations.
This was highlighted in December 2020 when news emerged of the SolarWinds supply chain attack in which multiple parts of the U.S. Federal Government, NATO, the UK government, and the European Parliament were impacted. The incident, which also impacted thousands of organizations in the private sector, was reported to be among the worst cyber-espionage incidents ever suffered by the U.S.
While cyber-attacks against the government sector are far too numerous to list, Symantec, a division of Broadcom, has released a white paper covering a number of notable incidents that highlight the range of attacks this sector is subject to, as well as the various tactics employed.
Some of the key areas covered in this paper include the following:
- Examples of Attacks: Some recent examples of attacks against government entities, grouped by common attack types/motivations.
- Who is Attacking? A look at some prominent advanced persistent threat (APT) groups that focus on targeting the government sector.
- Malicious Activity Trends: Key trends drawn from the metrics of Symantec, a division of Broadcom (NASDAQ: AVGO).
- Case Studies: A detailed look at two cases worked on by the Symantec Threat Hunter Team.
- How to Protect Your Network: Protection and mitigation measures that organizations in the government sector can use to protect their networks.
Check out the new Symantec Whitepaper here.