Nov 25, 2020 - Technology

The emerging cybersecurity headaches awaiting Biden

Illustration of a computer with an ice pack on it.

Illustration: Aïda Amer/Axios

The incoming administration will face a slew of cybersecurity-related challenges as Joe Biden takes office in a very different environment than the one that existed when he was last in the White House as vice president.

The big picture: President-elect Biden's top cybersecurity and national security advisers will have to wrestle with the ascendancy of new adversaries and cyberpowers, as well as figure out whether to continue the more aggressive stance the Trump administration has taken in cyberspace.

Here are details on some key challenges confronting Biden:

1. The ferocious growth of cybercrime groups

Where it stands: In the last few years, cybercriminal groups have become ever more brazen and sophisticated, increasingly seizing and encrypting victims' data in ransomware schemes that see them extort vast sums, sometimes in the tens of millions of dollars.

  • These cash-flush groups, many of which hail from Eastern Europe, are undiscriminating in their victims, with health care providers, local governments and research facilities all falling prey to their schemes.
  • In many cases, these private groups are as sophisticated as many nation-state groups — or even more so.

By the numbers: In 2019, the FBI’s Internet Crime Complaint Center “received 2,047 complaints identified as ransomware with adjusted losses of over $8.9 million.”

What's next: Cybercriminal groups will likely continue to target medical and research facilities focused on coronavirus treatments and vaccines — intellectual property with almost invaluable financial and geostrategic value.

  • The Biden administration will need to continue building connections with international partners, especially when it comes to degrading cybercrime networks abroad and apprehending wanted cybercriminals when they, say, vacation outside their home countries.
  • The administration will also need to clarify unsettled U.S. policies regarding legal liabilities that American businesses may incur if they pay ransoms to sanctioned cybercriminal groups.

2. The rise of the rest

Where it stands: Vietnam, the United Arab Emirates, Qatar and Saudi Arabia have all, to varying degrees, built up their cyber espionage capabilities during the Trump era, acting as smaller but increasingly sophisticated cyber powers that will merit more attention in the coming years.

  • Gulf states have already shown a willingness to employ hack-and-dump campaigns to influence U.S. politics and policy.

The intrigue: Vietnam is building up its cyber operations at least partially in response to fears over Chinese designs in Southeast Asia.

  • That could potentially make Vietnam an ally in the fight to stem Beijing's global influence, even as the U.S. looks to disrupt other cyber operations coming out of Vietnam.

What's next: How these countries choose to deploy their newfound powers could further upset regional dynamics, particularly in the Middle East, as well as bilateral relations with the U.S.

  • The trend toward online influence campaigns directed at the U.S. — whether perpetrated by Gulf states or other countries — may also intensify during the Biden years.

3. Managing U.S. offensive cyber operations

Where it stands: In 2018 the Trump administration publicly announced that it was scrapping Obama-era rules governing the U.S. military’s offensive cyber operations, and also secretly loosened the restrictions governing the CIA’s covert operations in cyberspace.

  • Since then, U.S. Cyber Command has undertaken a series of assertive actions aimed at degrading the infrastructure of Iranian, Russian and cybercriminal targets as part of Director Paul Nakasone’s strategy of "defending forward."
  • Meanwhile, the CIA has undertaken covert hack-and-dump campaigns against Russian and Iranian actors affiliated with those countries’ intelligence services.

Between the lines: There's wide consensus that Obama-era procedures for offensive cyber operations were too restrictive and deliberative, unnecessarily gumming up U.S. military and intelligence agencies that often work in highly time-sensitive environments.

What's next: The Biden administration will have to weigh whether the pendulum has swung too far in the other direction under Trump.

  • Has the current administration extended too much leeway, and too little oversight, to U.S. military and intelligence cyber-operators, whose actions can have acute geopolitical consequences? Will the Biden National Security Council amend the Trump-era regulations, or preserve them?
  • These decisions will have significant reverberations for U.S. national security.