How councils can use deception to fight cybercrime
Many cybercriminals are opportunists and take the path of least resistance, aiming at targets that will enable them to make a quick profit with the least effort.
Unfortunately, local government authorities are often precisely the kind of target these criminals seek.
Threat actors are well aware that local authorities have vast stores of valuable data such as personal and financial details of residents. At the same time, they generally lack the budgets and resources of their counterparts in the central government, making them an ideal mark for a criminal looking to make quick cash. Research from Gallagher found that threat actors attacked UK local authorities more than 800 times an hour last year.
Advanced ransomware attacks are now increasingly targeting the public sector and aim to widely lock systems and cripple services so that they can command a more lucrative payout. In recent years these attacks have become more sophisticated and problematic to detect. Perpetrators are now seeking to optimise their chances of success by first infiltrating the network then pinpointing the most valuable assets to encrypt.
Criminals bank on the idea that local governmental bodies will quickly pay a ransom demand to unlock their systems because the public depends on them for essential municipal services. It is worth noting that even when paying a ransom, there is no guarantee that they can recover data or that these or other criminals will not strike again.
Learn how, while deception has always been one of the most powerful resources in an attacker’s tool kit, it can be equally useful for defence.
Read the full article by Carolyn Crandall in LocalGov here.
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise