Cyber-Espionage is rampant in the Public sector, with State-affiliated actors accounting for 79 percent of all breaches involving external actors. Privilege Misuse and Error by insiders account for 30 percent of breaches.
23,399 incidents, 330 with confirmed data disclosure
Top 3 Partners
Cyber-Espionage, Miscellaneous Errors and Privilege Misuse represent
72% of breaches
External (75%), Internal (30%), Partner (1%), and Multiple parties
Espionage (66%), Financial (29%), Other (2%) (breaches)
Internal (68%), Personal (22%), Credentials (12%) (breaches)
Given the sheer number of incidents in this sector, you would think that the government incident responders must either be cape and tights wearing super heroes, or so stressed they’re barely hanging on by their fingernails. And while that may yet be the case, keep in mind that we do have very good visibility into this industry, in part due to regulatory requirements that members (at least in the United States) must report their incidents to one of our data sharing partners (the US-CERT). Arguably more interesting is the fact that, with similar breach numbers from last year’s report, the makeup of the breaches has seen some change.
Master of whisperers
While the Cyber-Espionage pattern was also the most prominent in this industry in last year’s report, the number of breaches in the Cyber-Espionage pattern is 168% of last year’s amount. Figure 60 shows how the percentages shifted from last year.