The cybersecurity industry is under pressure to turn the tide against hackers whose public and private sector attacks are making the response of security professionals look leaden-footed.
The incoming Biden administration must take proactive steps to better secure US government departments against attack, including a push for more robust cybersecurity standards and better information sharing.
The cybersecurity sector itself must also show it is not impotent in the face of increasingly sophisticated attacks, which have prompted talk in the US of a national cybersecurity emergency. Late in 2020, FireEye admitted attackers backed by the Russian government had breached its network.
The industry is still dealing with the fallout from a dreadful 2020 that began in January with a ransomware attack on an Oregon county and a zero-day vulnerability at Mitsubishi Electric and ended with an extensive cyberattack involving SolarWinds’ Orion network management software, which impacted the US government.
Prioritizing cybersecurity in the Biden administration
The Biden administration faces calls from US government cybersecurity specialists to prioritize cybersecurity during its first 100 days. That will include taking action to broaden government engagement on tackling cyber threats like ransomware, a key area of concern across the public and private sectors.
Several security vendors have formed the Ransomware Task Force (RTF), which plans to present policy ideas to the administration by early spring. The task force includes McAfee, Microsoft, Rapid7, and cyber advocacy groups such as the Cyber Threat Alliance and the Global Cyber Alliance.
Ransomware is unique in that it has no specific infrastructure. According to an attorney in Microsoft’s Digital Security Unit, one way to tackle ransomware involves targeting the payment distribution system that supports it.
Another area of concern is the growing number of ways both government agencies and private-sector companies can be attacked. These include the theft of private keys for single sign-on (SSO) infrastructure to bypass two-factor authentication.
The Biden administration will also need to find a new head for the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA). President Trump fired its former director Chris Krebs after he described the 2020 presidential election as “the most secure in American history.” Solar Winds has hired Krebs to help it recover from the recent breach.
A cyber world turned upside down
The sudden move to remote working turned the cybersecurity world upside-down in 2020. After millions of workers were forced to work from home in March, the number of cyberattacks mushroomed. By August, the US Federal Bureau of Investigation (FBI) had reported that complaints about cyberattacks to its Cyber Division were up to 4,000 a day, a 400% increase from pre-pandemic levels.
Cybersecurity professionals – most of whom were also working remotely – spent most of the year struggling against the torrent of Covid-19 cyberattacks. In future, as GlobalData’s Thematic Research Cybersecurity report has discussed, those attacks may be AI-driven.
Task force must set a higher bar
Amid all the other 2020 attacks, it was an attacker-modified update to the SolarWinds Orion network management product that compromised companies and US government agencies and set alarm bells ringing.
Around 18,000 of the company’s 33,000 customers updated their software between March 2020 and June 2020, inadvertently installing a backdoor for attackers.
A task force that included the FBI and CISA suggested that the 18,000 affected customers included fewer than 10 US government agencies. However, this is still an unacceptably high number, given the hack’s potentially disastrous impact and considering that the US treasury and commerce departments were both affected.
Further attacks on remote workers are guaranteed, revelations are still emerging about the SolarWinds hack, and scammers are using public interest in Covid-19 vaccines to obtain personally identifiable information. There is, therefore, little prospect that 2021 will be a happier new year for either consumers or organizations.