Cyberattacks against organizations in the public sector saw a huge spike in 2023 as hackers look to steal valuable sensitive information these firms hold on different people, a new report from KnowBe4 has claimed..
As per the paper, cyberattacks against government agencies and other firms in the public sector rose by 40% in the second quarter of 2023, compared to the first one. In the third quarter, the rise in attacks spiked at 95%.
There are multiple reasons for the spike, the researchers further explained, placing emphasis on two specific ones. The first one is the value hackers are able to extract from their victims. Data breaches have never been this expensive, with the cost of an incident rising by 15% over the last three years. In other words, sensitive data residing on victim servers can either be sold for profit, or used in extortion attacks.
Generative AI exacerbates the problem
The cost also rises because of the second reason – the increasing use of generative artificial intelligence (AI) tools. These tools, such as Chat-GPT, lower the barrier for entry into cybercrime. What’s more, they allow skilled threat actors to create believable phishing emails, legitimate-looking landing pages, and more – in a fraction of the time needed in a manual setup. By optimizing their workflow this way, hackers can get more work done in less time, consequently stealing more data and earning more money.
As a result, there is a “critical need” to strengthen the human aspect of cybersecurity within organizations, the researchers said, through comprehensive security awareness training.
“Through proper training initiatives, this cost-effective and straightforward approach can effectively counteract social engineering tactics,” Stu Sjouwerman, CEO, KnowBe4. “However, as the sophistication of attacks designed to exploit the human factor increases, the continuous reinforcement of a strong security culture is an indispensable tool for enduring digital defense and operational continuity.”