A growing concern for many government entities is the rise of hacktivism. This is when a cybercriminal or group attacks an institution with political or social motivations. The reasons behind a hacktivist-led attack can include causing reputational damage, exposing corruption, or even engaging in acts of warfare.
One of the most iconic hacktivism organisations has been Anonymous. The group started out in 2003 with simple pranks in online chat rooms, where they would flood gaming chats with messages. Anonymous has since grown to become a highly organised hacktivist group targeting public sector institutions. Just last year, the group claimed responsibility for a distributed denial-of-service (DDoS) attack on Kenya’s eCitizen platform. This incident disrupted 5 000 government services affecting electricity purchases, mobile payments via M-Pesa, visa applications, and even the country’s rail network.
Government institutions in South Africa have also been under a barrage of attacks from cybercriminals, disrupting a wide range of public services from medical procedures to judicial services.
Attacks such as these not only hinder civic operations and services, they cost the economy dearly. According to the Council for Scientific and Industrial Research, cyberattacks cost South Africa R2.2 billion each year.
A rising global problem
However, it’s not only African governments that are impacted. A recent report released by the United Nations Counter-Terrorism Centre (UNCCT) and the United Nations Interregional Crime and Justice Research Institute (UNICRI) has sounded the alarm that hacktivism is on the rise worldwide. The global political climate is driving this increase, with polarising conflicts taking centre stage in recent years. 2024 has also been a significant year for elections with 50 countries heading to the polls. Many experts have expressed concern about generative AI’s powerful capabilities to drive misinformation during a time of political tension.
The “Beneath the Surface” report by the UNCCT and UNICRI spotlights the evolution of hacktivist groups, their technical capabilities, and their success in organising and collaborating. One of its findings explores the detrimental impact of cybercrime-as-a-service and how this has increased access to tools that are enabling hackers to perform more complex attacks with little resistance. It’s believed that cybercrime-as-a-service generates around $1.6 billion in revenue.
Risk and response
Public sector organisations are under unprecedented pressure to optimise cyber resilience. Trend Micro data from 2023 shows the sector recorded more ransomware detections than any other in South Africa last year. In total, across the world, Trend detected over 12 million risk events among government customers.
To mitigate these types of attacks, government departments need to regularly check and update their software and security systems. Often, these updates contain security patches and configurations developed in response to the latest known cybersecurity risks. Downloading the latest software update is a small act that can go a long way in preventing a breach.
Deploying the right tools to address today’s modern security risks is vital. Extended detection and response (XDR) collects and automatically correlates data across multiple security layers, such as email, cloud infrastructure, endpoints, data, and identity. This allows for faster detection of threats and improved investigation and response times. Informed by a Zero Trust architecture, XDR offers a broader perspective on cybersecurity and better context to detect, prevent, and respond to threats.
While having the right tools is important, public-private partnerships will be key in securing digital environments for all state entities. Fostering partnerships that enable the sharing of intelligence, best practices, skills, and resources is essential to building stronger cyber defences in the public sector. Because these institutions are custodians of huge volumes of personal data, it is important that they leverage the skills, knowledge, and expertise of cybersecurity specialists.
The rise of hacktivism presents a significant and evolving challenge for government institutions locally and across the continent. The public sector has become a popular target for cyberattacks, increasing the possibility of major disruptions to critical services as well as economic losses. By addressing vulnerabilities and partnering with the private sector, governments can safeguard their systems from hacktivists.