Four Cyber Worries Looming in the New Year

Cyberattacks have increased in recent years, with healthcare and other critical sectors coming under increasing digital assault as the threat of malware such as ransomware and foreign spyware continues to evolve.

Last year in particular, officials and lawmakers renewed their focus on cybersecurity and sought to protect the nation’s critical sectors from rising cyber threats. The issue is expected to continue to take center stage in the coming year as many of these threats continue to escalate and the cyber industry faces an ongoing labor shortage in its efforts to strengthen the digital defenses of the United States.

Here are four cyber concerns that should be priorities in 2023.

Threats to critical sectors

The financial, energy and healthcare sectors are all facing an increasing number of hacks. Cyberattacks have stolen hundreds of millions of dollars from companies in these industries, exposed data and even disrupted essential services, such as when a ransomware attack forced the Colonial Pipeline to shut down in 2021, causing gas shortages in several states.

The healthcare sector in particular has seen an increase in cyberattacks over the past few years, especially ransomware attacks targeting hospitals in order to gain access to sensitive information such as patient data or medical research and technology. Growing threats to the sector have set off alarm bells in Washington, with Sen. Mark Warner (D-Va.), chairman of the Senate Intelligence Committee, warning this fall that cyberattacks could lead to processing delays and even the death of patients.

Authorities have already stepped up efforts to protect critical sectors from these evolving threats and have indicated that this will remain a top priority this year.

Anne Neuberger, White House deputy national security adviser for cyber and emerging technologies, said in October that the Biden administration had placed a relentless focus on securing these sectors — especially those where disruptions could lead to hazards, such as in hospitals, the oil and gas industry, and companies that transport chemicals.

“Our concerns have evolved to where we are most concerned about the degradation or disruption of critical services,” Neuberger said.

But lawmakers and industry experts have called on federal agencies to step up their efforts in recent months.

Securing critical infrastructure such as the energy and healthcare sectors plays a key role in mitigating cyber risks, said Josephine Wolff, associate professor of cybersecurity policy at Tufts University Fletcher School of Law and Diplomacy.

“All of those areas are areas where I would say we can still do a lot to try and build defenses and build resilience,” Wolff said.

In a letter to the Department of Health and Human Services in August, Sen. Angus King (I-Maine) and Rep. Mike Gallagher (R-Wis.) expressed appreciation for the steps taken by the Biden administration to respond to cyber threats aimed at the healthcare sector – but said more action was needed.

“However, we remain concerned about the lack of robust and timely sharing of actionable threat intelligence with industry partners and the need to significantly increase the Department’s capabilities and resources. With the exponential growth of cyber threats, we must prioritize the fight against the [health care and public health] industry’s shortcomings in cybersecurity,” they wrote.

Zinet Kemal, cloud security engineer at Best Buy, said the government should continue to work with industry leaders to identify and resolve vulnerabilities found in critical sectors as well as create contingency plans to respond to cyber incidents.

“I think they need to work with industry to make sure systems are protected against cyber threats,” she said.

Ransomware attacks

The past few years have seen a dramatic increase in ransomware attacks, particularly those targeting the healthcare and financial sectors.

In the past year alone, ransomware groups have caused outages in several hospital systems, temporarily closed schools in parts of the United States, carried out multimillion-dollar hacks on a number of companies and pushed Costa Rica to declare a state of emergency in May as a barrage of attacks impacted its government services.

Fighting ransomware at home and abroad is also expected to take priority this year, as the United States and its allies come together to counter the heightened threat. In 2021, the Biden administration, along with several other countries, launched its first annual initiative to counter ransomware on a global scale.

In November, the White House held its second International Ransomware Initiative Summit, where it invited more than 30 countries to discuss steps they can take to curb the rise of ransomware around the world.

“Ransomware is a pocket-sized problem that affects thousands of businesses and individuals around the world every year,” the White House said in a press release.

During the summit, the countries presented several initiatives, including establishing an international task force against ransomware, actively sharing information between the public and private sectors, and taking joint measures to prevent ransomware actors from using the cryptocurrency ecosystem.

The Australian-led ransomware task force is expected to become operational in January, CyberScoop reported.

Australia is leading the task force “because they’ve had very significant ransomware attacks,” including one that targeted one of the country’s largest private health insurers, a senior administration official told CyberScoop.

Wolff said that while ransomware will certainly remain a hot topic this year, she believes the United States and its allies have to some extent reached their capacity when it comes to solving the problem, unless other big countries like Russia decide to join the initiative and support it.

“I think what we’re most likely to see with this initiative is countries like the US and the UK trying to help countries with less capacity to investigate ransomware and build capacity,” she said.

Foreign spyware

Foreign spyware drew attention last year following controversy surrounding Israeli spyware company NSO Group, which was blacklisted by the Commerce Ministry in 2021 for allegedly facilitating illegal surveillance used against government officials, journalists, dissidents and human rights activists.

Congress has since taken action to address the allegations. In July, the House Intelligence Committee included a provision in the Intelligence Authorization Act authorizing the Director of National Intelligence to ban the US intelligence community from purchasing and using foreign spyware.

The bill would also allow the president to impose sanctions on foreign government officials and companies that target US officials with spyware. The legislation was included in the National Defense Authorization Act of 2023 and has since become law.

Foreign spyware advocates hope more will be done in the future to address the problem as threats continue to evolve.

Mike Sexton, senior cybersecurity adviser at Third Way’s national security program, said while some steps have been taken in the past year to counter foreign spyware, there’s still a long way to go.

“I think the 2021 NSO Group blacklisting was really good, but I think it’s important not to rest on our laurels on this,” Sexton said.

Labor shortage

Rising cyber threats have brought new urgency to a longstanding labor shortage in the industry as federal agencies and private companies scramble to fill key positions in cyberspace.

The industry has sought to address the shortage by investing in workforce development and is expected to continue to do so in the future.

The Department of Homeland Security said tackling the shortage was a top priority for the agency. It previously tackled the problem in 2021 by organizing a 60-day hiring sprint to hire cybersecurity professionals. Of the 500 job offers it sent, the department was able to hire nearly 300 new cyberworkers.

National cyber director Chris Inglis, who is due to retire in the coming months, has also pushed the government to hire more tech and cyber workers.

“We’ve been able to fill two-thirds of the jobs that contain the words cyber and IT, and that’s the good news,” Inglis said at a cyber event in October.

However, he said there was still a long way to go as at the time a third of those jobs were still vacant.

Inglis also hosted a Cyber Workforce and Education Summit in July, where participants committed to improving diversity and inclusion in the cyber domain as well as developing a national strategy on cyber workforce and education.

Experts said they expect more government funding designed to help with workforce training and educational initiatives, including partnering with the private sector and universities to increase the cyberworker pipeline.

“To fill this gap, going forward, I think it’s important that organizations and governments invest in training and education programs that develop the next generation of cybersecurity professionals,” Kemal said.
