Geopolitics is likely to underpin cybersecurity threats throughout 2020. International politics have always centered on nations seeking to surpass their rival nations, both economically and militarily. The rivals involved haven’t changed in decades; but the primary battleground has moved to the internet.
2020 may prove a pivotal year for this rivalry with the U.S. presidential elections and what amounts to a current global trade war. Some aspects of this trade war will probably not increase aggressive cyber activity (for example, France’s plan for a digital tax on U.S. service companies has been answered by a threat to impose duties of up to 100% on a variety of French products, such as champagne, imported into the U.S.). The U.S./China trade war, however, is on a different level; and will undoubtedly lead to increased Chinese cyber activity against western economies, and especially the U.S. economy.
A close ally to a direct trade war is international economic sanctions — the negative effect on the economy of the targeted nation is similar to, but more severe than, trade embargos. Russia, Iran and North Korea are all targets of western sanctions; and all three are engaged in aggressive cyber activity against the west, and the U.S. in particular.
This is further complicated by globalization, with major national corporations either already embedded or striving to embed themselves within rival nations. National manufacturing has become dependent upon international components, and while this can cause political problems (for example, Huawei in the west), it limits the potential for further global balkanization of the internet while simultaneously increasing the supply chain threat.
This is against the background of the 2020 presidential election, where the four main foreign adversary nations will undoubtedly meddle. Russia is likely to welcome the re-election of Donald Trump, and will continue to stoke the Brexit divisions in the UK. The rise of right-wing politics in both the U.S. and Europe has weakened international alliances and cooperation in both areas, suiting Russia’s global aims. China, Iran and North Korea are thought to prefer an alternative president who may prove more amenable on trade and sanctions.
This is the background that Steve Durbin, managing director of the 10,000-strong Information Security Forum, believes will drive cybersecurity throughout 2020. He sees three areas for concern: an international race for technological supremacy; the supply chain and IoT; and a blurring between cybercrime and nation state activity. All, however, are underpinned by geopolitics that are not likely to change — even if the trade war was ended in January.
The race for technological supremacy is focused around nation-state activity and fed by geopolitics. “In 2020, the US and China will increase restrictions and protectionist measures in pursuit of technology leadership leading to a heightened digital cold war in which data is the prize,” comments Durbin. “This race to develop strategically important next generation technology will drive an intense nation-state backed increase in espionage.”
The tensions between the U.S. and China are not limited to technology alone, but stem from the mutual belief that each country is trying to dominate the other. “Technology is a hot potato,” Durbin told SecurityWeek. “But there is a belief in the U.S. that China is pursuing an anti-American landgrab. Look, for instance, at the way in which China has been investing in road and sea links beyond China and into Europe, buying up ports, etcetera. There is concern in the U.S. that this is almost a Chinese imperialist landgrab.”
Increased state-level cyberespionage feeds into another of Durbin’s predictions for 2020 — the increased blurring of the relationship between elite criminal gangs and their respective governments. “We know that some adversary states outsource parts of their hacking activity to gangs in order to preserve deniability,” he said.
But this is unlikely to be one-way cooperation. “Then comes the question,” he added, “if you’re doing that, are you also providing additional resources — which could be financial, it could be skill sets, it could be a variety of resources — to help some of these gangs. What is the quid pro quo? It’s difficult to prove one way or the other, but there is a general belief that this is going on.”
If nation state hacking increases, it will almost certainly be paralleled by improved resources for the more advanced criminal gangs. This is another concern for 2020. Nation state attacks will increase through the geopolitical situation, but criminal attacks will likely be more advanced and better resourced as an effect of those same geopolitical tensions.
Geopolitics also underlies increasing concern over international supply chains, and the growing dependency on IoT and IIoT devices manufactured, or at least assembled from components manufactured, abroad. Many of these components come from China, and with little transparency into the supply chain, there is growing worry that IIoT devices could be compromised by foreign powers before being used by American critical industries.
The foreign threat to critical industries is probably not the old-fashioned view of death and destruction warfare, but more one of civil disruption and chaos. The perfect example would be the financial industry. With increasing reliance on technology-driven purchasing, the problems caused by a complete failure in online finance would be catastrophic with no ability to use phone-based payments and no access to cash.
The coming IoT threat isn’t limited to industrial IoT — smart homes are likely to become targets. “The attack surface in smart homes is increasing. People like devices. We even have smart robot vacuum cleaners able to take photos,” commented Durbin.
At the same time, there is an increasing level of working from home. “This has two impacts,” continued Durbin. “At the corporate level, the challenge for enterprises is to ensure that their employees are operating within a safe and secure environment when working at home. But it also raises the possibility of attacks on the individual. Once inside a smart home, attackers have the potential to gain access to everything on the individuals’ computers, including passwords and payment data.” It is a form of supply chain attack, where — metaphorically — the vacuum cleaner shoulder-surfs the householder. Politicians, high profile individuals, and CEOs will potentially become targets for extortion in their own home.
Underlying, and certainly impacting, much of the cybersecurity threat we can expect throughout 2020, are global geopolitical tensions. If politics lies at the root, we need to ask if politicians should take a stronger role in solving the problems. The answer is ‘yes’, but the reality is unlikely.
“I think part of the challenge with politicians is that they are politicians,” Durbin told SecurityWeek. “The primary interest of the majority is simply staying in power and getting re-elected. Most of them — and this particularly applies to the UK — are career politicians. They’ve never done anything else; they’ve never been in industry and they have no clue about anything than other than being a politician.”
That could be fine, he continued, if you then surround yourself with the right experts and listen. “But you’re always going to have this conflict between the need to earn a living as a politician versus the other things. If we look at instances — like the porn censorship proposals in the UK [politically expedient but technological nonsense] and some of the congressional hearings in the U.S. with Facebook and others, clearly these are politicians out of their depth. The question has to be, if you get to that position of power, how can it be that you haven’t got the first clue? How can it be that you are not being briefed appropriately?” For now, political expediency will always trump cyber necessities — especially in an election year.
Solutions to the rising threats of 2020 will not come from government — as always, organizations will need to take the lead in protecting themselves. “The coming year will be volatile, but targets will be predictable,” says Durbin. “To survive in the new digital world, organizations will have to adapt. To thrive they must evolve.”
Related: Geopolitical Tensions Fuel Worsening Cyberattack Scenario
Related: The Future of Cyber Through the Eyes of an Intelligence Firm
Related: The Increasing Effect of Geopolitics on Cybersecurity
Related: Understanding Geopolitics Key to Analyzing Cyber Espionage