On 31st August 2022, the global insurance giant Gallagher revealed that UK councils have been on the receiving end of over 2.3 million cyber attacks so far this year*. A freedom of information (FOI) request raised by the insurance broker assessed 161 local authorities in the UK, discovering that distributed denial-of-service (DDoS) attacks** were the second biggest cyber threat to UK councils, after phishing attacks.
Richard Hummel, senior manager of threat intelligence at NETSCOUT, offers the following advice to councils, as well as public sector organisations in general, when it comes to defending themselves from DDoS attacks:
“DDoS attacks targeting the public sector and critical national infrastructure (CNI) are an ongoing problem, with essential services – including healthcare, finance, energy, and transportation providers – at particular risk. This is alongside the genuine concern around DDoS attacks having the potential to cause nationwide failures across critical public services, coupled with our dependency on enterprise connected devices (ECDs) and increased global interconnectivity of digital networks. With this in mind, it is important for public sector organisations to be aware of the general cyberthreat landscape in order to increase their chances of defending against such attacks.
“By implementing robust and modern cybersecurity tools, public sector organisations can block as much as 90 per cent of DDoS attacks. Utilising several simple yet effective mitigation tactics – such as restricting inbound traffic and preventing IP address spoofing – can help the public sector dramatically reduce the impact of emerging DDoS attacks.
“Additionally, by simply educating employees on the basics of good cyber hygiene, public sector organisations will be better positioned to defend themselves from emerging DDoS attacks. Members of staff, including those choosing to work remotely, should be taught the tell-tale signs to identify suspicious file attachments, website links, and emails that they may receive. IT teams and system administrators can also put preventative measures in place such as installing antivirus software and file scanners onto devices throughout the enterprise. This way, malware and other cyberthreats can be detected much faster, eliminating the need for users to investigate emails, file attachments, or links themselves.”