To say that 2020 has been unique would be an understatement. It’s doubtful that any American will be reticent to turn the page on 2020 come this New Year’s Eve. The past year has seen the country mired in a global pandemic, civil unrest, and a seemingly endless number of natural disasters and emergency situations.
These many different crises and challenges have pushed some Americans close to their breaking points. But not everyone sees chaos and uncertainty in these situations – some see opportunity.
While Cybersecurity Awareness Month is coming to a close, there is a great deal of new research and information being released about the current threat landscape facing the government and its agencies. Included in that research is the bi-annual NETSCOUT Threat Intelligence Report, which found that malicious actors and hackers not only continued their operations and attacks during the tumultuous times of 2020 – they accelerated them.
We recently sat down with Tom Bienkowski of NETSCOUT to learn more about the findings in the Threat Intelligence Report, discuss the impact of the pandemic and civil unrest on DDoS activity and explore if government agencies were more or less secure this Cybersecurity Awareness Month than in years past.
Here is what he had to say:
GovCyberHub (GCH): October is Cybersecurity Awareness Month. What are some of the largest cyber threats facing government agencies and organizations today? What do public sector organizations need to be aware of?
Tom Bienkowski: One of the largest threats to both government and public organizations is the threat of a DDoS attack. According to our research in the first half of 2020, there have been more than 4.8 million DDoS attacks. That’s up 15 percent year-over-year. There was also an alarming 25 percent increase in DDoS activity during the height of the COVID-19 lockdown.
GCH : Cybersecurity Awareness Month is recognized every October. Would you say that the government and its agencies are more secure THIS Cybersecurity Awareness Month than they were LAST Cybersecurity Awareness Month? Why or why not?
Tom Bienkowski: This is a difficult question to answer. But, if I would fathom a guess, it would be “no,” because this October is one like none other in history.
I cringe to say it because the word has been over-used, but this October 2020 is very much, “unprecedented.” The combination of COVID-19 lockdown, ongoing civil unrest, and the fact that it’s a political season have made it a prime time for attackers to disrupt us from social, economic and political perspectives.
I am positive that the amount of threats coming at government agencies is higher than ever before. But whether they’re more secure or not is something only these organizations can know, and involves undergoing risk assessments.
GCH : How are some of the unique situations and events of 2020 – such as the civil unrest – impacting cybersecurity?
Tom Bienkowski: There is something we call, “cyber reflection.” What does this mean? For every geopolitical protest you see happening in-person, there’s a reflection associated with that demonstration happening in cyberspace. Just as people protest in-person, many times they also protest in cyberspace.
DDoS attacks are a common method of cyber protest because they’re so easy to execute. There has been evidence of this in 2020. Public sector organizations at the center of protests are also being targeted by DDoS attacks.
This concept of cyber reflection is very real and I expect for it to continue well into the future. Public sector organizations – especially those being targeted by protests and demonstrations – should remain vigilant.
GCH : Looking forward, what are some of the things that government organizations should be looking to change or implement in the coming year to help make them more secure? What should their security priorities be in 2020-2021?
Tom Bienkowski: If there’s any advice I can give its that government agencies and organizations need to be prepared. They should work to understand all the cyber threats that they could potentially face, understand the best practices in defense, and have a plan in place for securing their applications, data, and networks.
History has shown that those organizations that are not prepared are always the most impacted by cyberattacks and DDoS attacks. Agencies and organizations that don’t have data properly backed up to avoid ransomware payments – or DDoS protection to avoid DDoS extortion payments – are the ones that will be hit hardest.
GCH : NETSCOUT recently released its 2020 Threat Intelligence Report. What does this report include? Is there a particular takeaway or insight from the report that would be interesting to government agencies or other public sector organizations?
Tom Bienkowski: The report showed a massive uptick in the number of DDoS attacks during the first half of 2020. According to the research, there were 4.8 million DDoS attacks this year, which was a 15 percent year-over-year increase. And these attacks targeted all types of organizations in every corner of the globe.
Not only was there an increase in the frequency of these attacks, but there was also an increase in attack complexity. For example, we saw attacks utilizing 15 or more vectors increase by more than 2,000 percent since 2017. We also saw packet rates increase.
Simultaneously, we saw attacks decrease in duration – occurring over a period of minutes. All this equates to increased attack sophistication and makes it harder for defenders to protect their applications and services from DDoS attacks.
For additional information about the cyber threats facing public sector organizations, click HERE to download a complimentary copy of the 2020 Threat Intelligence Report.