Days after the director of the National Counterintelligence and Security Center (NCSC) announced the ongoing efforts of foreign nations to interfere in U.S. elections, he offered five additional areas as the present and future of cybersecurity.
William Evanina, the director of NCSC, pointed to the cyber challenges of defending COVID-19 research, economic espionage, protecting critical infrastructure, supply chain safety, and traditional espionage as the threats apart from elections.
“Let’s not hide the fact that many nation-states around the world are attacking us on a daily basis with respect to our development of a vaccine,” said Evanina, in recorded remarks during the FCW Cybersecurity Workshop on August 11.
Last month, cybersecurity agencies in the U.S., United Kingdom, and Canada issued a joint advisory that said a Russia-linked group was targeting COVID-19 research. The July joint advisory followed a May warning from the FBI and other U.S. entities that said China-linked entities were targeting research organizations. Evanina also mentioned Iran as an actor in the space, adding that disinformation campaigns are a tactic used around vaccine research.
He said $500 billion is lost annually due to China’s economic espionage, primarily conducted through cyber means. The NCSC director said the whole society needed to “begin to stem the tide of the loss of economic data.”
Identifying the energy, telecommunications, and financial sectors as key critical infrastructure sectors, Evanina called the amount of cyber activity and attacks on those areas “depressing.” He added that the threats to critical infrastructure and supply chain go hand-in-hand.
“We, in the government, need to do a much better job of educating America and the private sector of how supply chains are penetrated and compromised by foreign nation-state actors,” he said. Specifically, Evanina mentioned cloud storage as a potential supply chain weakness.
The last challenge Evanina detailed is traditional espionage or insider threats, which includes American individuals who share information with foreign entities in violation of their security clearances. He called 2019 a “horrible year” for insider threats.