Cybersecurity Alert: Lessons for (and from) Digital Governments

Published on September 21, 2023

Time and again, national governments worldwide have fallen prey to cyber assaults, illustrating that no organization can afford to overlook the potential consequences of inadequate digital security.

The pervasive threat of cyberattacks looms over governments of ALL sizes, leaving no entity immune to the risk.

From national superpowers… to smaller municipalities, the ever-evolving landscape of cybercrime has demonstrated its capability to breach even the most fortified defenses.

That’s why I believe it is imperative to continually shed light on the pressing need for stringent government cybersecurity practices. 

Even on a smaller scale, both state and local governments have experienced devastating ransomware attacks, causing not only the loss of sensitive data but also rendering vital citizen services inoperable.

Ogun State website hack – Nigeria

Cybercriminals, allegedly operating from the Maldives, targeted the official website of the Ogun State Government in Nigeria in a recent hacking incident.

The website’s pages were defaced, and the hackers left a bold inscription along with their logo, claiming responsibility for the cyberattack.

This is not the first time the Ogun State Government’s website has been targeted.

In a similar incident back in 2015, cyberterrorists also hacked the site and demanded the government to improve its security measures (which apparently they didn’t do that well. 

Ogun State, located in southwestern Nigeria, has a significant population of nearly 6 million people.

The lesson:

The Ogun State Government’s experiences underscore the critical importance for all government entities to prioritize cybersecurity.

Such incidents not only disrupt the functionality of official websites but can also damage the government’s reputation and undermine public trust.

Being proactive and vigilant is crucial to safeguarding public information and maintaining the integrity of government services.

George County hack – US

The cyberattack on George County, Miss., serves as a warning for small-town and rural government agencies. The attack began as an employee unknowingly triggered the ransomware by clicking on a link within an email.

The malware swiftly infiltrated the system and climbed up the administrative hierarchy until it reached one of the county’s servers, leading to a complete shutdown of the entire system for over two days.

To add to the challenge, officials had to revert to manual processes to issue handwritten, paper checks for payroll during this period.

The lesson:

This incident serves as a stark reminder of the vulnerabilities faced by small government agencies in rural areas.

It underscores the importance of implementing robust cybersecurity measures and continuously educating employees about the risks of phishing and other cyber threats.

Such proactive steps can go a long way in fortifying our systems against potential cyberattacks and preserving the smooth functioning of essential public services.

TPCHD Breach – US

The Tacoma-Pierce County Health Department (TPCHD) has recently sent out a mailer informing the public that a data breach had occurred in the past.

An “unauthorized person” accessed a database containing the user account information of around 1.5 million individuals and then posted this data on an online forum.

The breach was discovered by the federal government sometime in late 2022, and the Department of Justice notified TPCHD about it on Jun. 1 of this year.

The data that was posted included information that consisted of names, dates of birth, email addresses, and ZIP codes.

The lesson:

The TPCHD data breach highlights the need for regular security audits, timely updates, and constant vigilance to safeguard sensitive user information.

Additionally, having a strong incident response plan in place and promptly informing affected individuals can help mitigate the consequences of a data breach and rebuild trust with the public.

Protecting citizens’ data must be a top priority to prevent such breaches from occurring in the future.

Final remarks

The gravity of any of these incidents cannot be overlooked, as they not only compromise sensitive data but also disrupt public services and erode citizens’ trust in their government’s digital security.

As I reflect on the situation, it becomes evident that governments worldwide must adopt a proactive and comprehensive approach to cybersecurity.

The Ogun State Government’s repeat experience with hacking highlights the need for governments to learn from past incidents and take immediate action to strengthen their future digital defenses.

Cyberattacks know no borders, but it is a collective responsibility (of governments as institutions and employees as individuals) to safeguard sensitive information, protect public services, and preserve the trust of our citizens.

About the Author

Mohammad J Sear is focused on bringing purpose to digital in government.

He has obtained his leadership training from the Harvard Kennedy School of Government, USA and holds an MBA from the University of Leicester, UK.

After a successful 12+ years career in the UK government during the premiership of three Prime Ministers Margaret Thatcher, John Major and Tony Blair, Mohammad moved to the private sector and has now for 20+ years been advising government organizations in the UK, Middle East, Australasia and South Asia on strategic challenges and digital transformation.

He is currently working for Ernst & Young (EY) and leading the Digital Government practice efforts across the Middle East and North Africa (MENA), and is also a Digital Government and Innovation lecturer at the Paris School of International Affairs, Sciences Po, France.

As a thought-leader some of the articles he has authored include: “Digital is great but exclusion isn’t – make data work for driving better digital inclusion” published in Harvard Business Review, “Holistic Digital Government” published in the MIT Technology Review, “Want To Make Citizens Happy – Put Experience First” published in Forbes Middle East.

More from Mohammad J Sear