By Jonathan McDonald
Government agencies (and their customers) aren’t immune to cyberattacks. In fact, they’re often a more tempting target with an extensive network of compromised personal data available for sale or provided by a consumer unaware of a scam. The pandemic only exacerbated an already serious problem with cybersecurity in the public sector. Now, government agencies are faced with scams and fraudulent claims in addition to typical cyberattacks, and the problem needs real attention.
Account Takeover and Other Threats
One of the most significant threats facing government agencies at all levels during the pandemic is account takeover (ATO). ATO was accompanied, to a lesser degree, by fraudulent account creation, fraudulently filing for benefits, or filing under a false identity. The numbers are still being tallied, but costs to U.S. taxpayers from COVID-related fraud total in the billions.ATO occurs when a bad actor gains control over a person’s benefits account. First, they will gain login details, then change seemingly insignificant PII data on the account slowly. Successful ATOs can unlock a host of benefits for the attacker, who is then free to make fraudulent claims and assume the online identity of the victim.
