By: Julio Rivera
The new year brings increased challenges to the cybersecurity front. Current trends show that cyberattacks will grow in frequency during 2019. The government’s cybersecurity efforts already got off to a rocky start due to a highly politicized government shutdown. Will the American government be ready to keep ahead of the pace of black-market hacking innovations and intelligence-seeking, malicious foreign actors?
In 2018, we saw a number of cyberattacks directed at both federal and state government entities. One notable example was a disinformation campaign carried out by entities linked to Iranian state media during the 2018 midterm elections. Other governmental organizations that were also targeted throughout 2018 include the U.S. Treasury suffering a spear phishing attack perpetrated by an Iranian cyberespionage group. This attack compromised the personal emails of U.S Treasury officials.
A U.S Navy contractor also suffered a data breach that resulted in the extraction of critical information on Navy submarine technology and weapons. The data hack netted the Chinese government 614 gigabytes of data. Among the stolen files were plans related to a supersonic anti-ship missile intended to be usable next year, details regarding a project known as Sea Dragon and the Navy Submarine Development Unit’s electronic warfare library.
According to a report by cybersecurity firm AllegisCyber, we can expect these types of incidents to continue throughout 2019. However, there are several emerging cyberthreats that could worsen an already delicate situation. According to a report done by the Office of the Director of National Intelligence (ODNI), foreign actors have begun conducting software supply chain operations where they attempt to inject malware in software before it is distributed.
Among the most prevalent emerging malware threats are the newer ransomware strains, such as Phobos Ransomware, which has been one of the most popular threats of its type in 2019 thus far. This particular malware encrypts files on an infected machine and subsequently makes demands to the computer user to pay a ransom fee to restore the encrypted files.
After the global outbreak of the WannaCry infection, which affected the UK’s hospital system, the growing concerns surrounding ransom and malware have propagated into other avenues of the tech world, including many large corporations and governments all around the world.
Another peripheral concern involves the fact that foreign governments, including China and Russia, have created laws that permit their central government to seize records of domestic businesses in the course of arbitrary “national security” requests.
Responding to this last year, the federal government began initiatives aimed at protecting America’s cyberinfrastructure. One significant step forward was President Trump signing the Cybersecurity and Infrastructure Security Agency Act (CISA) of 2018. This created a new agency within the Department of Homeland Security (DHS). The agency will be tasked with protecting the country’s critical infrastructure from cyberthreats. Additionally, Congress also passed the Hack the State Department Act, which would reward ethical (white hat) hackers for finding vulnerabilities and bugs in government systems.
Despite all this, our capability to defend ourselves from a cyberattack is not yet where it should be. To get there, the government will have to overcome several obstacles. Possibly the most critical obstacle is the government’s lack of skilled cyber personnel. The government has struggled throughout the years to acquire and retain experienced cyber staff, due in part, to more lucrative opportunities presenting themselves for workers in the private sector.
Another roadblock the country faces in its cybersecurity effort is the communication between government agencies. The federal, state, and local governments all have multiple departments within their jurisdictions. This makes it difficult to streamline cybersecurity policies and equipment across the various departments.
Finally, the ongoing government shutdown has brought to light a serious issue when it comes to our country’s cyber preparedness. The shutdown has had a negative effect on the administration’s ability to protect our vital cyberinfrastructure by causing an estimated 43% of CISA’s personnel to be furloughed, leaving the department nearly half-staffed. This not only hinders CISA’s capabilities to counter cyberattacks but also impedes them from hiring and retaining new talent, which was already a problem to begin with.
The loss of skilled personnel due to the shutdown will have a long-term effect on the agency’s effectiveness as the looming date of February 15th is circled on the calendar. The instability of government employment makes opportunities in the private sector, which are plentiful, more attractive to skilled IT professionals as well.
So, is the government ready to defend itself from the increasing cyberthreats and espionage in 2019? The short answer is, just barely. The government has acknowledged the importance of cybersecurity for the safety of our country and has begun enacting legislation to improve it. Nonetheless, at this point the administration is playing catchup. That isn’t the game plan to implement in a time where technology is advancing exponentially.