U.S. cybersecurity: Preparing for the challenges of 2021
In 2020, cybersecurity became a business problem for every industry, as well as the U.S. government. According to a new report by the Aspen Cybersecurity Group, there are several opportunities for the new presidential administration to increase cybersecurity efforts and awareness to create a more resilient digital infrastructure.
Organizations like the Cybersecurity and Infrastructure Security Agency (CISA), local and state governments, and the private sector have all taken significant steps to mitigate and respond to cyber incidents. Given the rise in bad actors targeting critical infrastructure, ongoing nation-state threats, and increasingly sophisticated ransomware attacks, here are three cybersecurity priorities to keep in mind as we head into 2021 with a new administration.
Continue to bolster election security
We must continue to work to secure voting infrastructure, as future elections will inevitably be targets for cybercriminals and nation-state actors. In the recent VMware Carbon Black Global Incident Response Threat Report, incident response and cybersecurity professionals surveyed noted the biggest threats to election security remain disinformation on social media, ransomware attacks, voter manipulation, and voter disenfranchisement.
In order to secure the integrity of future elections and the voting process, securing our voting infrastructure must be a priority. If machines and voting software aren’t designed securely from the ground up, there will be vulnerabilities for hackers to exploit.
Strengthen efforts against nation-state actors
As geopolitical tensions increase, we can expect destructive attacks and attempts to continue in the new year. The 2019 Worldwide Threat Assessment compiled by former Director of National Intelligence, Daniel Coats, listed cybersecurity as the top global threat, noting that every U.S. foreign adversary would likely seek to undermine American infrastructures through cyberattacks and influence operations.
There have been numerous attacks targeting the U.S. government in recent years, like the use of Trickbot for example, the world’s largest botnet believed to be controlled by Russian cybercriminals. Nation-state actors will continue to try new tactics to both profit and sow discourse, so it will be critical to put security measures into place to defend against these ongoing threats.
Time to establish regulations for ransomware payments
As the pandemic continues into 2021, so will the increase in bad actors looking to profit off of the growing dependence on technology and the interconnected world. In November, attackers targeted the Baltimore County Public Schools – with tons of personal data on hand and less sophisticated plans on how to secure their infrastructure, ransomware attacks continue to surge.
The use of ransomware by powerful cybercrime groups has also evolved from a simple money grab to wholesale extortion. Now, as CISA has warned, cybercriminals are taking time to fully understand and map out businesses from the inside and are exfiltrating sensitive data before encrypting. Additionally, we’ve observed a significant increase of new and improved ransomware as a service (RaaS) options. This subscription-based malicious model enables even the most novice cybercriminal to launch ransomware attacks without much difficulty.
The federal government plays a role in the monetization model for victims, their insurers and incident response providers when recovering from a ransomware attack. The Treasury’s Office of Foreign Assets Control has said “companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations.” While this makes sense on paper, in practice victims end up paying the ransom as it’s often the fastest way to resume business as usual.
Moving forward, the new administration should consider implementing streamlined regulations for ransomware payments and mitigate on behalf of victims. By having set parameters as to how a business should respond to an attack between the victim, insurers, and the federal government, attacks are likely to be better managed and even slowed in the end.
As we enter 2021, with a new administration, we must continue working together to scale up cybersecurity efforts. A proactive approach is required to strengthen our cyber defenses as the threat landscape evolves and bad actors become increasingly sophisticated. If we prioritize one thing in 2021, it should be cyber resiliency for all.