Cyberattacks have surged in recent years, with the health care system and other critical sectors increasingly coming under digital assault as the threat of malware like ransomware and foreign spyware continues to evolve.
Last year in particular saw officials and lawmakers renew their focus on cybersecurity and seek to secure the country’s critical sectors from rising cyber threats. The issue is expected to continue to take center stage in the coming year, as many of those threats are still escalating while the cyber sector is confronting an ongoing workforce shortage in its efforts to bolster the U.S.’s digital defenses.
Here are four cyber concerns expected to take priority in 2023.
Threats to critical sectors
The financial, energy and health care sectors are all facing a skyrocketing number of hacks. Cyberattacks have robbed companies in those industries of hundreds of millions of dollars, exposed data and even disrupted essential services, as when a ransomware attack forced the Colonial Pipeline to shut down in 2021, causing gas shortages in several states.
The health care sector in particular has seen a rise in cyberattacks in the last few years, particularly ransomware attacks targeting hospitals in order to gain access to sensitive information like patient data or medical research and technology. Increasing threats to the sector have set off alarm bells in Washington, with Sen. Mark Warner (D-Va.), chairman of the Senate Intelligence Committee, warning this fall that cyberattacks could lead to delays in treatment and even patients’ deaths.
Officials have already stepped up their efforts to protect critical sectors from those evolving threats, and have indicated that doing so will remain a top priority this year.
Anne Neuberger, White House deputy national security adviser for cyber and emerging technology, said in October that there’s been a “relentless focus” by the Biden administration on securing such sectors — especially those where disruptions could lead to hazards, such as in hospitals, the oil and gas industry and companies that transport chemicals.
“Our concerns have evolved to where we’re most concerned about degradation or disruption of critical services,” Neuberger said.
But lawmakers and industry experts have called for federal agencies to further increase their efforts in recent months.
Securing critical infrastructure like the energy and health care sectors plays a key part in mitigating cyber risks, said Josephine Wolff, an associate professor of cybersecurity policy at the Tufts University Fletcher School of Law and Diplomacy.
“All of those are areas where I would say there’s still a lot we could be doing to try and shore up defenses and build in more resilience,” Wolff said.
In a letter addressed to the Department of Health and Human Services in August, Sen. Angus King (I-Maine) and Rep. Mike Gallagher (R-Wis.) expressed appreciation for moves the Biden administration has taken to respond to cyber threats to the health care sector — but said more action was necessary.
“We remain concerned, however, about the lack of robust and timely sharing of actionable threat information with industry partners and the need to dramatically scale up the Department’s capabilities and resources. With cyber threats growing exponentially, we must prioritize addressing the [health care and public health] sector’s cybersecurity gaps,” they wrote.
Zinet Kemal, a cloud security engineer at Best Buy, said the government should continue to work with industry leaders to identify and address vulnerabilities found in critical sectors as well as to create contingency plans for responding to cyber incidents.
“I think they need to work with the industry to ensure that the systems are protected against cyber threats,” she said.
Recent years have seen an especially dramatic spike in ransomware attacks, particularly targeting the health care and financial sectors.
Last year alone, ransomware groups caused outages in multiple hospital systems, temporarily closed schools in parts of the U.S., carried out multimillion-dollar hacks on a number of companies and drove Costa Rica to declare a state of emergency in May as a barrage of attacks impacted its government services.
Tackling ransomware at home and abroad is also expected to take precedence this year as the U.S. and its allies have come together to counter the heightened threat. In 2021, the Biden administration, along with several other countries, launched its first annual initiative intended to counter ransomware globally.
In November, the White House held its second International Counter Ransomware Initiative Summit, in which it invited more than 30 countries to discuss steps they can take to curb the rise of ransomware globally.
“Ransomware is a pocketbook issue that impacts thousands of companies and individuals every year globally,” the White House said in a press release.
During the summit, the countries laid out several initiatives, including establishing an international counter-ransomware task force, actively sharing information between the public and private sectors and taking joint steps to stop ransomware actors using the cryptocurrency ecosystem.
The ransomware task force, which is led by Australia, is expected to become operational in January, CyberScoop reported.
Australia is leading the task force “because they’ve had some very major ransomware attacks,” including one that targeted one of the country’s largest private health insurers, a senior administration official told CyberScoop.
Wolff said while ransomware will certainly remain a hot topic this year, she thinks the U.S. and its allies have to some extent reached their capacity when it comes to addressing the issue, unless other major countries like Russia decide to join in and support the initiative.
“I think what we’re most likely to see with that initiative is countries like the United States and the United Kingdom trying to help countries with less capacity to investigate ransomware and build up their capabilities,” she said.
Foreign spyware garnered attention last year following controversy surrounding the embattled Israeli spyware firm NSO Group, which was blacklisted by the Department of Commerce in 2021 for allegedly facilitating unlawful surveillance used against government officials, journalists, dissidents and human rights activists.
Congress has since taken steps to address the allegations. In July, the House Intelligence Committee included a provision in the Intelligence Authorization Act authorizing the director of national intelligence to prohibit the U.S. intelligence community from buying and using foreign spyware.
The bill would also allow the president to impose sanctions on foreign government officials and firms that target U.S. officials with spyware. The legislation was included in the 2023 National Defense Authorization Act and has since become law.
Advocates against foreign spyware hope more will be done in the future to address the matter as threats continue to evolve.
Mike Sexton, a senior policy adviser for cyber at Third Way’s national security program, said although some actions were taken last year to counter foreign spyware, there’s still a lot more progress to be made.
“I think blacklisting NSO Group in 2021 was really good, but I think it’s important not to rest on our laurels on this,” Sexton said.
Rising cyber threats have brought new urgency to a long-time labor shortage in the industry as both federal agencies and private companies have scrambled to fill key cyber roles.
The industry has sought to address the shortage by investing in workforce development, and is expected to continue doing so moving forward.
The Department of Homeland Security has said that addressing the shortage is a top priority for the agency. Previously, it tackled the issue in 2021 by conducting a 60–day hiring sprint to hire cybersecurity professionals. Out of the 500 job offers the department sent out, the department was able to hire nearly 300 new cyber workers.
National Cyber Director Chris Inglis, who’s expected to retire in the coming months, has also pushed the government to hire more tech and cyber workers.
“We have been successful in filling two-thirds of the jobs that have the word cyber and IT in it, and that’s the good news,” Inglis said during a cyber event held in October.
However, he said there was still a long way to go because at the time, one-third of those jobs were still vacant.
Inglis also hosted a cyber workforce and education summit in July, during which participants pledged to improve diversity and inclusion in the cyber field as well as build a national cyber workforce and education strategy.
Experts said to expect more government funding designed to help with workforce training and educational initiatives, including partnering up with the private sector and universities to increase the pipeline of cyber workers.
“To address this gap, in the future, I think it’s important for organizations and governments to invest in training and education programs that develop the next generation of cybersecurity professionals,” Kemal said.