Although we have entered a new year, the pandemic's socio-economic effects and continued political instability, expressed principally through online disinformation, loom larger than ever. When looking at anticipated cybersecurity trends for 2021, two digital trends accelerated under the pandemic and should be called out: the abusive use of technology by illiberal regimes under the guise of public health and safety, and increasingly cooperative public-private cooperation in the United States to counter cybersecurity risks and disinformation.
Autocratic regimes will leverage surveillance technologies bolstered amid COVID-19 for more effective control over their populations: Autocratic regimes often seek to maintain control over communication lines during times of disaster, and the COVID-19 pandemic was no different. In illiberal societies, those in power will seek to further escalate the surveillance capabilities that ramped up amid the pandemic to censor information and keep power in autocrats' hands.
As the coronavirus spread in China, for example, some cities installed security cameras in front of residents' homes to ensure they remained at home during their required 14-day quarantines. Whether or not individuals needed to quarantine was determined by smartphone software that categorized individuals' ability to travel based on their perceived risk; it also tracked their movements in real-time.
In recent years, Chinese leaders have invested billions of dollars in surveillance technology to monitor ethnic minorities and anyone the government deems a threat to its control. The Uighur Muslim minority group has been highly targeted, as Chinese officials fear they hold extremist and separatist ideas. Since 2017, as many as one million Uighurs have been detained in “re-education” camps, and in most cases their only crime is practicing their religion. In Xinjiang, a western region with a large population of Uighurs, an extensive system is in place that connects police stations, checkpoints, the locations of recent security incidents and surveillance cameras.
Indeed, it has become so routine in countries ruled by autocratic governments that there is a term to define the methods: high-tech illiberalism. The escalation of such actions amid the pandemic will likely force Illiberal regimes into sharper confrontation with the US government as it asserts increasing support for democratic norms globally.
Leaders in the public and private sector will continue to work together to counter disinformation and cyber-attacks: Disinformation has long been a cost-effective way for foreign governments to create unrest in the United States, including Russia’s disinformation operations during the 2016 US presidential election and its ongoing efforts to foster vaccine uncertainty within the US alongside China. Robby Mook, a senior fellow at Harvard’s Defending Digital Democracy program, said in a recent podcast that adversaries’ disinformation goals are not to further a specific agenda; instead, they want the US “to kind of turn on itself.”
In the face of increasing disinformation operations against the United States in advance of the 2020 US presidential election, U.S. Cyber Command took significant steps with the Cybersecurity and Infrastructure Security Agency (CISA) to prepare for foreign cyber-attacks, to include disinformation operations on American society and cyber-attacks on US infrastructure. Congress took a big step to bolster US cyber-defenses by including more than two dozen cybersecurity provisions in the 2021 National Defense Authorization Act (NDAA), using recommendations from the Congressionally mandated U.S. Cyberspace Solarium Commission. One provision (section 1715) focuses on setting up a joint cyber-planning center to deepen public-private cooperation to counter cyberspace operations of all kinds.
Outside of the US government, Twitter, Instagram and Facebook implemented new policies to counter disinformation relating to the election and COVID-19 by flagging posts believed to contain significantly altered or false information. At the end of 2020, President-elect Joe Biden took rhetorical steps to decrease domestic polarization – a precondition for disinformation. He also indicated that he will take a stronger line to improve the United States’ cybersecurity posture.
We should expect the US government to continue to invest in U.S. Cyber Command’s counter-offense capabilities to stop hostile foreign actors from organizing and executing cyber-space and disinformation operations against American institutions. CISA will also likely continue to rise as a lead agency for election security and cybersecurity planning. The new administration could also take a more forceful line against hostile actors with increased cost imposition, whether through sanctions or military cyber-space operations.
Progress within the executive branch, congressional implementation of the U.S. Cybersecurity Solarium Commission and continued policy innovation in the technology sector point towards the potential for meaningful change to improve the United States’ cybersecurity posture this year, and cybersecurity professionals can play a catalytic role. It will be a year of recovery physically, as vaccine distribution continues, and for our democracy, as the country continues to focus on quelling disinformation and reinstating public trust in democratic institutions.