New and Evolving Threats: Cybersecurity Flashpoints in 2021
The global leaders of FTI Consulting’s Cybersecurity practice analyzed major developments from their respective regions — including the fallout of the U.S. Presidential Election, Brexit, and the upcoming Tokyo Olympics — to forecast what to expect in the coming year.
Cybersecurity, already an essential consideration for all organizations, became even more critical in 2020, as malicious actors sought to capitalize on the societal confusion, fear, and uncertainty sown by a global pandemic. Organizations and individuals alike were targeted with sophisticated cyber attacks with record numbers recorded by law enforcement agencies across the world.
In the United States, the Federal Bureau of Investigation (FBI) reported seeing up to 4,000 cyber-related complaints per day at one point, a significant increase from pre-pandemic numbers. The United Kingdom’s National Cyber Security Centre said that around a quarter of the incidents it responded to were pandemic related.
Clearly, a global crisis and the shift to working remotely created an unprecedented threat landscape.
As 2021 approaches, it is vital to remain vigilant to cyber threats, with several potential flashpoints carrying worldwide implications if cybersecurity becomes an oversight. In response, the global leaders of FTI Consulting’s Cybersecurity practice analyzed major developments from their respective regions, including fallout from the U.S. Presidential Election, Brexit, and the 2021 Tokyo Summer Olympics, to put the trends and issues of 2020 into perspective and forecast what to expect in the coming year.
Trend/Issue: The Global Pandemic
FORECAST: Vulnerabilities exposed by the pandemic in the healthcare, life sciences, and pharmaceutical sectors will continue. Further, as organizations roll out their vaccines, they will come under intense pressure to maintain cyber resilience.
COVID-19 has sparked an increase in cyber attacks on organizations operating in the pharmaceutical, life sciences, and healthcare spaces, including a fivefold increase on the World Health Organization alone. The proliferation of connected medical devices and the growth of the Internet of Things further amplified the attack surface, with the potential for extremely damaging and costly consequences. This past year we saw nation-state actors targeting research institutions, lured in large part by the temptation to steal COVID-19 vaccine information. Further complicating vaccine rollout is the tracking of who has received the proper doses and how this information is stored and protected. Unsecure and personally identifiable information can quickly become a target of opportunistic cyber actors.
FORECAST: E-commerce firms will continue to be targets as the pandemic affects shopping behavior and the retail industry shifts into the digital age at unprecedented speed.
According to FTI Consulting’s 2020 Online Retail Forecast Report, online retail sales this year are expected to reach a total of $748 billion, an increase of 25% compared to 2019, with $71 billion of that attributable to the pandemic. This change in consumer behavior is increasing both the threat surface and cybersecurity risks for online retailers and raises a crucial question: How can e-commerce organizations grow in a sustained manner while maintaining a robust cybersecurity operation? A successful attack could result in mass disruption.
FORECAST: More organized and sophisticated cyber attacks will target remote environments.
Just as workforces and educational systems have adapted to functioning in a remote setting, cyber actors have evolved their tactics in response. Cyber criminals are exploiting vulnerabilities that accompanied the shift to a work-from-home environment, often capitalizing on nonexistent security controls on home networks, or lax cybersecurity awareness by users operating outside their normal environment. The success cyber actors experienced in leveraging this “new normal” suggests that targeting and attacking remote workers and learners will become more organized and sophisticated.
Trend/Issue: Cybersecurity Expectations of the New Administration
FORECAST: Misinformation campaigns will continue to run rampant.
The distribution of false information associated with the presidential election process became so widespread in 2020 that the Cybersecurity and Infrastructure Security Agency (CISA) created a webpage dedicated to controlling these rumors. Although the election is now behind us, threats from misinformation campaigns can be expected to persist, including those targeted at COVID-19 vaccines. Combatting these threats will require the Biden administration to immediately take action to curb damaging false messages by definitively condemning inaccurate reports and producing clear and factually supported information. One FTI colleague detailed how cyber actors are taking advantage of a remote working world to spread misinformation earlier this year and their success in doing so suggests that this tactic will continue in 2021.
FORECAST: The Biden administration will take a hard line with known nation-state threats.
The refusal of the previous administration to condemn Russia for a variety of widely accepted unlawful activity will likely come to an immediate halt under President Biden. We recently saw a successful cyber attack carried out by a nation-state, believed to be Russia, where sophisticated attack tools were stolen. Already on the radar of the incoming administration, this incident should increase efforts to prevent further brazen attacks by Russia. Whether Biden chooses to try to dissuade Russia with cyber attacks of his own, or via a more traditional route such as sanctions is yet to be seen, however. What can be expected is acknowledgement that Russia is a known threat and not a friend, and that steps will be taken to diminish their influence and the damaging effects of their cyber attacks. (We can expect a similar approach toward North Korea).
Trend/Issue: Impact of Brexit
FORECAST: Cybersecurity risks to supply chains will increase.
Following the end of the Brexit transition period on December 31, many organizations in both the UK and Europe will be looking to form new trading partnerships around the world. Organizations will need to be certain of their new partners’ cybersecurity posture and their ability to protect sensitive data. As UK-based firms shift to operating outside the EU, it becomes prudent to stress test and benchmark new suppliers as they are onboarded. Ensuring strong security processes are in place and adhering to industry standards and regulations to protect business from cyber attacks and personal data compromise under GDPR are all critical.
FORECAST: Cyber threat intelligence sharing will be impacted.
Robust cybersecurity is reliant on the sharing of top-quality cyber threat intelligence (CTI), in addition to joint remediation and mitigation actions. As the UK exits the EU, nation-state relationships will be impacted. Some nations may engage in closer collaboration, especially in the British Commonwealth, but other longstanding regional relationships could come under new pressures. Cybersecurity is a transnational endeavor, spanning multiple regulatory requirements and jurisdictions, meaning effective use of CTI requires a clear and accurate picture of the cyber threat landscape.
In recent years, the UK government has reported an increase in malicious nation-state cyber activity. To combat threats, such as those from the APT10 group, which saw nation-state actors target a range of industries to steal intellectual property, it is vital to share threat intelligence. Arguably, cross state collaboration against the ever-changing threat landscape is needed more than ever to build resilience, and UK intelligence chiefs have made it clear they stand against any attempts to make intelligence-sharing a ‘bargaining’ chip in Brexit negotiations.
Trend/Issue: Tokyo Summer Olympics (2021)
FORECAST: Nation-state threats will launch disruptive attacks and disinformation campaigns.
The Cyber Threat Alliance (CTA), an intelligence sharing organization, has assessed that nation-state actors will be the largest threat to the 2021 Olympics and its affiliated entities. Based on geopolitical tensions, prior attack history, and reputation, the usual players can be expected to actively target the Olympics. Although nation-state actors have the potential to carry out sophisticated cyber attacks, disinformation attacks will be highly likely as well because of their successes in 2020. Beyond that, nation-states are also capable of compromising systems through targeted ransomware attacks and affecting physical critical infrastructure. The ability to impact an event with the resources and scale of the Olympics highlights the need for global organizations to be aware and develop resilience strategies to deal with hostile nation-state actors.
Trend/Issue: 5G Cybersecurity Concerns
FORECAST: 5G adoption is accelerating. This will create blind spots.
All major smartphone manufacturers have now launched 5G devices. As network infrastructure also quickly develops, consumers will adopt this technology en masse. This new platform will need a higher level of complex security as it will revolutionize not only telecommunications but other technological advancements such as smart cities, defense facilities, and intelligent power grids. In its current state, with a lack of security infrastructure, hackers will attempt to detect blind spots and steal vital information or try large-scale DDoS attacks on a network of connected devices, which could in turn cause an entire network to crash.
5G technologies rely on high-speed digital infrastructure, which presents a great challenge in itself – not only to build modern infrastructure but also overcome the reliance on legacy systems. Both the public and private sector are heavily affected by this with almost 90% of technology budgets going toward legacy systems at the moment.
© Copyright 2020. The views expressed herein are those of the authors and do not necessarily represent the views of FTI Consulting, Inc. or its other professionals.
Senior Managing Director, Global Head of Cybersecurity
Senior Managing Director
Senior Managing Director
Senior Managing Director