The Office Of The National Cyber Director Releases 2024 Report On Cybersecurity Posture

On May 7, 2024, the Office of the National Cyber Director (ONCD) released the 2024 Report on the Cybersecurity Posture of the United States (the Report). The Report outlines the top trends of 2023, which include:

1. Evolving risks to critical infrastructure

Nation-state adversaries are developing strategies to attack U.S. critical infrastructure with no inherent espionage or intelligence value, and the intention is to disrupt or destroy U.S. and allied critical infrastructure. These attacks may strive to "enable disruption of operational technology systems in critical infrastructure and interference with U.S. and allied warfighting capabilities" and may be motivated to achieve "geopolitical objectives."

2. Ransomware

"Ransomware remains a persistent threat to national security, public safety, and economic prosperity." The Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (ICS) received a 22% increase in reported ransomware incidents from American victims and the cost of ransomware attacks in 2023 reported to ICS had increased by 74% from 2022. Attackers are collaborating more and more on malware development, attack execution and ransom collection.

3. Supply chain exploitation

Threat actors are taking advantage of complex and interconnected relationships between suppliers, customers, vendors and service providers. This provides them with opportunities "to access victims at scale and complicate the efforts of defenders to identify and manage cybersecurity risks."

4. Commercial spyware

The commercial spyware market has grown significantly, and the highest bidder can have access to sophisticated and invasive end-to-end cyber-surveillance tools to remotely access electronic devices, monitor and extract content and manipulate components without the device owner's knowledge or consent. Moreover, these threat actors are now targeting "journalists, activists, human rights defenders, and government officials with greater frequency." Commercial spyware is also being "used against U.S. government personnel, information, and computer systems, presenting significant counterintelligence and security risks to the United States."

5. Artificial intelligence (AI)

The rapid and continued evolution of AI will present opportunities and challenges for cyber risk management. While AI will provide opportunities to defend critical infrastructure, cybercriminals, hacktivists, and others "may use these capabilities to conduct phishing campaigns, information operations, and other malicious cyber activity." Safeguards around the use and development of AI technologies may be required to protect American's privacy.

The Report also outlines 12 actions taken by the Federal Government during the reporting period, which include:

1. Establishing and Using Cyber Requirements to Protect Critical Infrastructure, including through the development and harmonization of regulatory requirements in multiple critical infrastructure sectors.
2. Enhancing Federal Cooperation and Partnerships to better support cyber defenders, including by increasing operational collaboration, improving Sector Risk Management Agency (SRMA) capacity, and integrating Federal cyber defense capabilities.
3. Improving Incident Preparedness and Response by rapidly sharing threat information, prioritizing support to victims, and reviewing significant incidents and campaigns to derive lessons learned.
4. Disrupting and Degrading Adversary Activity using all tools of national power, resulting in coordinated, high-impact disruption campaigns against a wide range of malicious cyber actors.
5. Defending Federal Networks at speed and scale, including by integrating Zero Trust Architecture principles across the Federal enterprise, modernizing legacy technology systems, and expanding the use of shared services.
6. Strengthening the National Cyber Workforce, including through the promulgation of a National Cyber Workforce and Education Strategy (NCWES) and engagement with workers, employers, students, and educators across the country.
7. Advancing Software Security to Produce Safer Products and Services, including by advancing Secure by Design principles, Software Bills of Material (SBOM), and memory-safe programming languages.
8. Enabling a Digital Economy that Empowers and Protects Consumers, including by launching a U.S. Cyber Trust Mark certification and labeling program and by promoting competition and accountability across the technology industry.
9. Investing in Resilient Next-Generation Technologies across the clean energy economy, issuing an executive order to guide Federal efforts related to artificial intelligence, and addressing security challenges present in the technical foundations of the Internet.
10. Managing Risks to Data Security and Privacy by enabling safe, data-rich cross-border commerce and promoting the development of privacy-enhancing technologies.
11. Enhancing Resilience Across the Globe by building coalitions of like-minded nations to provide support to victims of ransomware and other cyberattacks, align national policy, and promote secure and resilient global supply chains.

The Report states that "the Federal Government will build on accomplishments from the past year, continue to implement the recently released version of the National Cybersecurity Strategy Implementation Plan and the National Cyber Workforce and Education Strategy, and adapt its approach to address emergent challenges and opportunities presented by an evolving strategic landscape."

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.