Australia’s national and state governments are facing a growing challenge from cyberthreats that have the potential to cause large-scale disruption and loss.
Ransomware, phishing campaigns, and malicious viruses are growing in number at a time when a greater proportion of government services is being delivered digitally. Attacks are occurring regularly, and their sophistication is increasing at an alarming rate.
There are a range of recent examples. In June, New South Wales Health announced that personal data was likely to have been accessed by criminals during the global Accellion software cyberattack in late 2020.
In March this year, hospitals in Victoria experienced a cyberattack that led to elective surgeries being postponed at four hospitals in Melbourne’s east. The hospitals’ IT systems were taken offline as a precaution until the extent of the attack was fully understood.
Western Australia’s parliament also became a victim this year when its email infrastructure was hit by what was suspected to be a cyberattack from China. While a subsequent investigation found no sensitive data was stolen, the incident did cause disruption during the state’s election.
Zscaler’s own research supports the narrative recently established by the U.S. federal government, which classifies ransomware a national security threat. Indeed, in 2020, the ZScaler ThreatLabZ threat research team observed a notable escalation of ransomware in terms of frequency and the sophistication and severity of incidents, resulting in higher—and more guaranteed—payouts from victims.
These significant security challenges come at a time when governments are becoming increasingly connected, both within themselves and with their citizens. Processes that were once paper based are now online and communications and service provision is often handled virtually.
This has led to a change in the expectations citizens have of government departments and agencies. They expect to be able to access information online and from whatever device they choose to use. They also want to be able to search for that information by topic rather than needing to have a deep understanding of which departments cover which areas.
In response to this trend, governments have had to open their IT infrastructures in ways never before required. Rather than keeping all applications and data housed in a core data centre, they have become distributed and more connected to the public internet.
A growing security challenge
While this shift has done much to streamline the way governments operate, it has also caused some significant security challenges. Interconnected and distributed systems cannot be protected in the same way they were when in the data centre.
The traditional approach of putting everything behind a firewall and restricting access to authorised parties no longer works. A new approach is required that can allow greater access and interconnection without increasing the risk of a government falling victim to a cyberattack.
The security challenge is growing because, essentially, the public internet has become the network. It’s used to connect people to government information while also increasingly as the link between the systems delivering that information.
The game has changed, and governments need to shift their security strategies in response. Any failure to do this could be very costly and erode public confidence.
The role of zero trust
One approach attracting increasing attention within governments involves a strategy dubbed zero trust. Rather than having a walled garden that protects digital assets from attack and misuse, zero trust involves limiting access to only those who have been able to prove their identity.
Once in place, zero trust means that IT assets are fully protected regardless of their physical location. Users can be granted secure access to just the resources they require rather than an entire infrastructure.
There are two core steps in a zero-trust strategy. Firstly, an organisation adopts the position of not inherently trusting anything on or off its network. Secondly, security controls are applied to compartmentalise and protect all core systems, data, and users.
When zero trust is considered from a security breach perspective, the intent is that a compromise of one asset doesn’t then compromise an entire organisation. If a cybercriminal succeeds in gaining access in one area, it doesn’t mean they’ll be able to run rampant within the IT infrastructure.
A zero-trust strategy is particularly relevant during Australia’s current restricted working conditions. With many government staff still required to work from home, having technology in place that allows secure access of IT resources is vital. Zero trust can achieve this in a way that is more secure and scalable than has been the case with network firewalls.
Cutting through the hype
Like any rapidly evolving technology, zero trust is currently suffering from a significant amount of marketing hype. Just as was the case with cloud computing when that concept first arrived, a multitude of vendors are claiming to have the best solution on the market.
This hype cloud makes it rather challenging for governments to cut through and gain an accurate assessment of which zero-trust components are the most appropriate fit for their particular requirements.
However, with IT connectivity continuing to increase, it is becoming more important for governments to have a clear understanding of the benefits a zero-trust framework can deliver and how such a strategy can be achieved. Knowing a chosen vendor has both the technology and experience in this field is therefore vital.
The risks posed by cyberattacks are, unfortunately, going to continue to increase. Governments are seen by cybercriminals as tempting targets and so will continue to hone their techniques and develop new ways to attack.
With a comprehensive zero trust framework in place, Australian governments can be confident they have an effective way to combat these threats. This will ensure that the delivery of services to citizens can continue without disruption.
Zscaler has a proven zero trust solution that is IRAP assessed to the protected level which has been deployed in numerous Australian government agencies. We have a dedicated government team that is focused on protecting the Australian Government and its citizens. Click here to find out more.