Government sector entities—including those at the national and local levels, as well as law enforcement—represent consistently high-value targets for both targeted intrusion and eCrime adversaries.
For foreign intelligence entities, such as those typically associated with targeted intrusion actors, government organizations are traditional collection targets of long standing and high priority, given that information in their possession can provide direct insight into a state’s policies, decision-making, and intent. Government entities, along with critical infrastructure and the financial sector, also present prime targets should targeted intrusion actors choose to pursue disruptive operations, as impacts to government networks offer strong signaling opportunities. The most prominent eCrime threat to government entities is also disruptive in nature, namely Big Game Hunting ransomware operations. This has been clearly evidenced by multiple incidents affecting a wide variety of state and local government systems.