UK’s FOI Request Exposes British Government Cybersecurity Weaknesses
Through the United Kingdom’s Freedom of Information process, data and statistics that used to be state secrets are exposed for public consumption and appreciation. It gives people from all walks of life a way to form their own insights into how the former superpower manages its affairs, for or against its national agenda. Private companies may also ask the UK government for information that used to be considered “security sensitive”, making it a public document for anyone to check.
Recently, SolarWinds, a private firm in the IT management sector, disclosed the result of its Freedom of Information (FOI) request, showing that the public sector experienced an increasing number of cyber attacks in 2018. 18% of all public-sector bodies in the UK experienced ransomware exploits, phishing attacks or common virus infections, especially those that interface with foreign/diplomatic entities. The same report also shows that the effectiveness of antimalware solutions available in the market reaches 96%, or 98% if you count those solutions categorized as endpoint protection (corporate-level antivirus products). Firewall hardware was also a focus for review, as it successfully blocked unauthorized access 98% of the time.
Unfortunately, the statistics show a weakness in the public sector's capability to perform a post-attack audit once a cyber attack has succeeded. This is because only 73% of the public sector have a reliable log management system in their network installations. These same organizations also lack dependable network traffic analysis, which would be useful for forensic investigations after a cyber attack has happened. “While preparation is generally high throughout the public sector, the growth in large numbers of attacks shows that there is still a significant risk. These results highlight the importance of finding simple-to-use, affordable, and scalable security solutions that can work across the varied IT environments like those in the NHS and central government, to ensure the most comprehensive protection available for these vital services,” explained Sascha Giese, SolarWinds’ Technical Lead.
Just like the rest of the European region, the UK public sector faces many challenges. Because it operates on British tax revenue, funding a credible cybersecurity defense posture is no walk in the park. A cybersecurity defense posture requires not only the hardware and software that run the entire infrastructure but also human operators: IT professionals such as network administrators, database admins and software developers cost money to hire and to keep productive and happy in their jobs.
The saddest part of the report is that around 9% of the UK public sector has no organized way to train its employees to be aware of cybersecurity risks, while another 15% simply leave their current employees to their own devices, ignoring the risks of new flaws, exploits and social engineering techniques that may one day victimize one of the employees in question. Login credential theft is not common, but also not uncommon; because public sector employees are privileged with access to public information, their login credentials are also top prizes for threat actors to steal.