Unprecedented increase in cyberattacks targeting government officials and agencies in 2022

Over the past decade, cyber attacks have become more destructive, more widespread, and in many cases more political. Heads of state and dignitaries have had their private information and devices compromised by spyware, resulting in leaks of private information. Governments and agencies, in turn, face a dual attack that includes not only spyware, but also ransomware. In a time of exponential growth in cyber attacks, countries see cyber security as a key national security challenge.

1. Dozens of heads of state have been cyber-attacked to steal confidential information.

Dozens of government officials have had their phones hacked in recent years, including French President Emmanuel Macron, Spanish Prime Minister Pedro Sánchez, staff members of British Prime Minister Boris Johnson, former British Prime Minister Liz Truss, the EU Justice Commissioner, and U.S. diplomats.

What is usually installed on these dignitaries' phones is Pegasus software from the Israeli company NSO Group. Pegasus can infect targeted devices and access personal data without the victim's knowledge, and can also remotely enable cameras and microphones.

On October 30, 2022, former British Prime Minister Liz Truss's private cell phone was hacked by cyber spies. According to the Daily Mail, the personal cell phone numbers, email addresses, passwords and other personal information of Liz Truss and 25 British cabinet ministers were exposed on U.S. websites.

The site allegedly contains 1.4 billion pieces of stolen data, with some files dating back to attacks more than a decade ago, and the public was able to access the information with ease. The site costs just £6.49 ($7.25) a week to subscribe to its database.

While the details of the hack are unclear, the attackers are believed to have downloaded year-long recordings of private conversations between Truss and his political ally Kwasi Kwarteng criticizing Johnson, as well as Truss' "highly sensitive discussions with senior international foreign ministers about the war in Ukraine, including detailed discussions about arms shipments.

It is understood that the incident was discovered as early as that summer's prime ministerial election, but then-Foreign Minister Truss was vying to become leader of the Conservative Party and the next prime minister, and then-Prime Minister Boris Johnson decided to suppress the matter. The hackers reportedly obtained information that included Truss .

2. Frequent Cyber Attacks on Government Agencies

In addition to dignitaries, government agencies are frequently hacked. In late 2020, Russian intelligence agencies exploited vulnerabilities in the SolarWinds software package to hack the U.S. State Department, the Department of Homeland Security, parts of the Pentagon and dozens of federal agencies.

National-level government agencies are usually the primary targets of hacking attacks, but attackers also often target local governments, which often have a greater impact because of weak defenses. In February 2023, the city of Auckland, New Zealand, had to declare a state of emergency after a ransomware attack took all IT systems offline.

The U.S. Center for Strategic and International Studies (CSIS) maintains a list of major cyber incidents, and essentially every month there is a major attack against government agencies around the world. A recent report by cybersecurity firm CloudSek also noted a 95 percent increase in the number of attacks against government departments globally in the second half of 2022 compared to the same period in 2021.

The report shows that India, the US, Indonesia and China continued to be the most attacked countries over the past two years. Together, these four countries accounted for 40% of the total number of incidents reported by governments.