Email
Password
Remember meForgot password?
    Log in with Twitter

article imagePrediction: What does 2021 hold for cybersecurity in the U.S.? Special

By Tim Sandle     Nov 14, 2020 in Technology
What does 2021 hold for cybersecurity? We spoke with IronNet cybersecurity’s top experts on topics such as disinformation, remote work, healthcare industry regulations, ransomware attacks and more.
Any predictions made in 2019 for this year could not have accounted for 2020’s twists and turns. To state that most of what transpired was unexpected is an understatement. From COVID to an unprecedented number of phishing and ransomware attacks to the current election security landscape, there were several major disruptions..
In terms of what 2021 will bring, Digital Journal caught up with security experts from IronNet. Beginning with Major General (Ret) Brett Williams, who is the co-founder & COO, IronNet.
Digital Journal: Do we need an information operations kill chain?
Brett Williams: Just like there’s a kill chain for cyberattacks, there’s a kill chain for information operations. The information kill chain has an entire sequence of events that need to occur, just like with malware, and we need to know where adversaries are within that chain of events as well as how to break it. In other words, we can apply cybersecurity principles to battling information operations.
The private sector is on the front lines of this information war as represented by the largest tech companies and in 2021, the public sector needs to enable them to be more successful. We must realize that just like any other critical infrastructure sector and everything that supports our elections – protecting information infrastructure is just as important, as it’s where people get the necessary information to make critical decisions.
Much like we tried to do with CISA legislation in 2015, we need to enable tech companies by arming them with the right policies, legal protections, and government oversight/regulations to combat disinformation, misinformation and propaganda. As we bolster our security posture in 2021, cooperation between public/private sectors will be necessary to lower the volume of these attacks. We can’t continue to just say the public needs to be smarter.
DJ: Is ransomware set to become more sophisticated?
Williams: Ransomware and extortion will get more sophisticated. Extortion is an extension of ransomware, and people are going to increasingly realize that you can extort major companies with complex logistics for example, (i.e. shipping industry, manufacturing, etc.) by holding those systems at risk and demanding money to get them back up and running. In the past, ransomware typically just locked systems up in the first 90 seconds of the event.
Now attackers are getting into the networks, exfiltrating the data they want so they can encrypt it not only to charge to get it back, but also threatening to leak it if the ransom isn’t paid. We’ve seen how effective this strategy is over the past year and there’s a potential to see this applied in a sophisticated way to affect business operations. I think a trend we will see with information operations will mirror what we saw with malware. Over time, cyber capabilities migrated from nation states to the broader public raising the threat level for everyone. I see a similar dynamic occurring with information techniques. Criminal groups will learn from nation states how to use disinformation and misinformation to impact business operations such as mergers and acquisitions, stock prices and company reputation.
DJ: Is the solution better collaboration throughout the U.S.?
Williams: At the nation-state level, the recent reporting to the public about China’s focus on critical infrastructure attacks rather than the typical theft of IP is significant. DHS is seeing enough of these types of attacks to make them publicly known. To me, this shows that nation-state adversaries aren’t giving the US any more “away games,” and are instead bringing the competition to the U.S. playing field. This changes the dynamic significantly because our public isn’t prepared to deal with this level of involvement, if the first blows are struck at home. It shouldn’t come as a surprise to say that people would freak out if they lost Netflix for a day, so we certainly can’t afford something more serious that would disrupt their lifestyles or livelihood in a more impactful way with an attack on the electrical grid or a serious disruption to the financial sector.
What we’re seeing is shared expertise between nation states when for example Iran is adopting more of a Russian and Chinese approach where the lines are blurring between government and private sector criminal activities. For example, tools are increasingly shared and the same infrastructure is used, meaning a country like Iran has more resources and can become more aggressive in their coordinated attacks. This strategy will only continue to evolve, making the imperative for effective public/private information sharing more important to counter a threat that is certainly working in concert with other adversaries.
DJ: What are the main threats for 2021?
Williams: Next year, one of the biggest areas we will see nation-states put more effort behind is cyberattacks against space infrastructure. I think we will see attacks on communications systems or GPS that is relied on by air traffic control and almost every other industry. Based on the competitive nature of our past, as Russia and China continue to try and develop their own navigation technologies they will find opportunity and want to impact ours. Ultimately, in 2021 we will see the start of several new “space races” during which our adversaries will be not only working on their own efforts but also trying to infiltrate our systems and disrupt any success we have had.
More about Cybersecurity, Cyberattack, Security
 
Latest News
Top News