Most Governments Were Hacked in the Past Year, Reports Reveal

Cybersecurity professionals often urge organizations to think not of “if” they’ll be attacked, but “when” — and new studies indicate that for many governments around the globe, that “when” may have already happened.

A November 2021 international report from cybersecurity research and marketing consultancy CyberEdge found that 68.2 percent of surveyed government organizations were compromised by one or more cyber attacks within the past 12 months. Fifty-four percent believed such an event was “more likely to occur than not” within the coming year.

The report polled 1,200 public- and private-sector IT security professionals from 17 countries, and focused on organizations with at least 500 employees. Government respondents comprised 4.1 percent of respondents, or roughly 49 individuals.

A survey of 353 IT professionals at government agencies and educational institutions, provided to GovTech by data management solutions company Veeam, also found at least half of respondents suffering from cyber attacks. It reported that ransomware caused “outages” at 52 percent of public-sector organizations. That study captured responses from 28 countries between October 2021 and December 2021.

Both reports suggest that more than half of government agencies have fallen to attack — a significant rate, yet one that puts it ahead of the pack, according to CyberEdge. Just over 85 percent of its overall respondent group reported suffering a successful cyber attack within the past 12 months, and nearly 41 percent had fallen to six or more attacks — the highest ever recorded by this annual report. (The report does not specify how often agencies were re-victimized by the same threat types compared to falling to a variety of attacks. Cyber threats are diverse, including incidents like distributed denial of service (DDoS) attacks, ransomware and other malware and account takeovers.

More important than the sheer number of successful attacks an organization suffers may be how much damage these attacks deal, said Minnesota CISO Rohit Tandon.

Strong cyber protections enable an organization to limit the impacts of…