Public Administration
NAICS 92

Here and now

The System Intrusion pattern has drop-kicked the Social Engineering pattern right out of the “top three” club. This was quite the coup, considering the Social Engineering pattern was in the top spot last year. In part, this may be attributed to some prominent and far-reaching supply chain breaches that came to light last year.

As the Social Engineering pattern fell, the Basic Web Application Attacks stepped in to fill the vacuum. Miscellaneous Errors remained in the middle spot, with the trio of Misconfiguration, Misdelivery and Loss nearly tied for what caused the most error-based breaches in this sector.

The occurrence of errors in this industry accounts for the prevalence of breaches caused by the Internal actor. While there was a smattering of Misuse breaches in this sector, internal actors are about seven times more likely to make a mistake that causes a breach than they are to do something malicious.

We have said before how popular Credentials are as a data type to be raided. However, this year’s data showed a drop from 2021’s report, when it was 80% in this industry. Personal was only 18% last year, but has now catapulted into the top spot.

Step into my raggedy DeLorean

In honor of our 15-year anniversary, we wanted to take a look back in time at what has changed in this sector. Just three years ago, the top motive was Espionage, at 66% of breaches. Five years ago, it was 64%, which illustrates that it has been a persistent challenge for Government entities. This makes sense, when you consider that regardless of which Government entity we are talking about, someone wants to know what they’re up to. Speaking of malicious—we found that the Espionage motive is up from 4% from last year to 18% this year. Internal breaches also increased from last year, and we have the motive of Grudge popping up in our list for a change.

Figure 101 illustrates the change in the Espionage-motivated actors in this industry since 2017. As you can see, when the Espionage motive fell, the Financially-motivated attacks rose. It appears that the Public Administration sector has joined the rest of us in being targeted by criminals looking to make a buck. Welcome to the party, pal!²⁷

²⁷ Admit it, you read this in John McClane’s voice.