In the fight against cybercrime, data security experts cannot afford to get complacent. Everyday, new strains of malware are being released onto a vulnerable public. While the average person’s computer is understood to be at risk from the newest viruses, worms and trojans, government agencies are expected to have the security of the latest cyberthreat defenses. With amount of highly sensitive information stored on federal and municipal servers, the utmost care should and usually is taken to ensure their security. The question remains, however: is it enough? As the propagation of malware continues unabated, can government agencies ever become truly secure?
Cyberthreats continue to grow
A recent cybersecurity report found that 27 million malware strains were formed in 2012, an average of 74,000 per day. The total number of known variants existing today hovers around 125 million. Even the most comprehensive cybersecurity initiatives would have difficulty protecting against all of them. Although experts try to get out ahead of hackers and shore up defenses before a breach occurs, they usually operate in a reactionary capacity. The typical defense cycle begins with a new threat taking advantage of a system vulnerability. When security administrators identify and fix that vulnerability, hackers then find a way to circumvent the newly implemented defense. Although government agencies have some of the best minds in cybersecurity working to enhance their networks, even they are not immune to this vicious cycle.
The vulnerability of government networks
Government Technology’s Dan Lohrmann recently examined the frequency of security breaches occurring on government agency servers and concluded that very few if any could attest to never experiencing at least a minor breach. While the necessary steps are taken to prevent similar incidents from happening again, security breaches both large and small do occur on government networks. The United States Energy Department recently reported that it had been the victim of a cyberattack. The sophisticated assault resulted in the theft of personal data belonging to several hundred government employees. Even more disconcerting, law enforcement officials believe the hackers responsible for the attack may have had other insidious motives. The cyberthieves may have been attempting to access classified information that would be highly desirable on the international intelligence market.
Perhaps no governmental security breach has been as alarming as the cyberattack on South Carolina’s Department of Revenue. After breaking into the state government’s network, hackers made off with sensitive data belonging to more than three million residents. The stolen information included Social Security, credit card and debit card numbers. State officials have spent at least $20 million on security upgrades, credit monitoring and consulting services in order to limit the amount of damage done by the breach. The incident highlights the need for governments, both federal and local, to invest heavily in current layered security measures to ensure the protection of sensitive data.
Are you concerned about the security of government databases? Should governmental agencies be doing more to protect its citizens’ personal information? Tell us what you think in the comment section below!