Information Security Amid Escalating Cyber Threats

Cyberattacks and threats targeting government and private entities, as well as vital sectors, are accelerating at an unprecedented pace. This rapid escalation stems from the increasing reliance on internet-connected technologies such as digital banking services, remote control of energy systems, and other critical services, which have become more vulnerable to breaches. These attacks lead to network and system intrusions, theft of login credentials and sensitive information, and significant financial losses for companies. The alarming surge in cybercrime also raises fears of attacks on critical infrastructure, heightening the risk of disrupting essential services such as energy, water, healthcare, and other vital sectors.

Moreover, cyberattacks no longer focus solely on critical systems; they also undermine citizens’ trust in state institutions and core public services, as well as the stability of vital sectors. Recent international reports indicate that a ransomware attack occurs every 11 seconds worldwide, with more than 300 million people falling victim to cyberattacks in 2023 alone. Global cybercrime costs were estimated at around USD 9.5 trillion in 2024, with an annual increase exceeding 15%. Institutions in healthcare, energy, and finance have become prime targets for ransomware due to their pressing need to minimize downtime, making them more likely to pay ransoms.

An example of the growing threat is the wave of attacks on government entities. In the European Union, for instance, around 10,000 cyberattacks were recorded within a single year, with public administration accounting for nearly 19% of the total. This highlights that governments are among the most exposed to cyber risks, particularly as the cost of data breaches in these sectors is rising rapidly. According to a report by IBM and the Ponemon Institute, the average cost of a healthcare data breach reached USD 10.93 million in 2023—the highest among all sectors—while the financial sector recorded a significantly lower average of about USD 5.9 million per breach.

The financial sector itself faces mounting pressure from ransomware, phishing, and digital supply chain breaches. Reports confirm that most financial service providers have experienced sophisticated attacks, with a growing share targeting banks and financial institutions. The resulting financial losses, along with legal and operational risks, have grown substantially as cybercrime has become more complex and touches multiple layers of digital infrastructure. Meanwhile, the energy sector remains among the most exposed to advanced threats due to its critical role in national economies and security. International reports show that ransomware attacks on energy companies and utilities surged by nearly 80% in 2024 compared with the previous year.

Global cyberattacks increased by about 30% in the second quarter of 2024 compared to the same period the year before. Institutions are increasingly targeted by zero-day exploits and rapid exploitation of newly discovered vulnerabilities, creating an urgent need for vigilance and compliance with both global and national cybersecurity standards. This requires governments and organizations to adopt decisive and robust protective measures.

Such attacks often go beyond service disruption, extending to breaches of operational technology (OT) systems, which heightens the risk as the impact can spread to physical infrastructure, the environment, and end users. Mitigation strategies must include training and awareness programs for employees—since most incidents stem from human error or inadequate responses—timely system updates and patches, especially in response to zero-day vulnerabilities.

Equally important is the scrutiny of digital supply chains to ensure the security of external partners working with government, healthcare, or financial institutions. Adopting standards for information security, critical infrastructure protection, and data privacy is vital, alongside ensuring the presence of cyber incident response plans that cover business continuity, disaster recovery, and coordination with relevant authorities.

In conclusion, the relentless rise in cyberattacks targeting government, financial, healthcare, and energy sectors underscores that cybersecurity is no longer a luxury but a critical necessity. Failure to take the necessary precautions results in financial and human losses, loss of trust, and disruption of essential services. Every responsible entity must therefore strengthen its cyber resilience, comply with sound standards, and place security at the core of its strategic planning.