• Lessons learnt from data breaches due to ransomware attacks on government services
Articles:

Lessons learnt from data breaches due to ransomware attacks on government services

23 January 2023

In 2022 several Belgian government services were the victim of ransomware attacks. Ransomware in
itself is a virus that encrypts the infected data, rendering access impossible for the owner of the data,
unless it is decrypted by the hackers. In some cases, the hackers also copy certain data. The ransom
part comes in when the target is contacted by the hackers with a demand for ransom to either decrypt
the encrypted data or to prevent the hackers from publishing the copied data.

Such ransomware attacks are frequent. In 2022, 148 ransomware attacks were reported worldwide on
government services alone, with an average ransom demand of 9.4 million EUR and an average of
39,383 records impacted per attack. Government services are a preferred target for such hackings as in
general they cannot afford to interrupt their services to the public and any encrypted or stolen data is
usually difficult and costly to recreate. As governments are digitalising and providing more and more
services online there is also a bigger area for the hackers to be active in, whereas these public services
may have issues keeping up with evolutions in technology, increasing the number of potential
vulnerabilities.