Uncovering the Complexity and Potential Future Trends of Cyber Threats Faced by the U.S.

America’s critical infrastructure, the Federal government, and commercial institutions are undoubtedly under attack. The sophisticated cyber threats facing the country emanate from various parts of the world. A wide selection of state actors and hacker groups are working tirelessly to paralyze critical infrastructure, steal sensitive information, and conduct cyber warfare.

These threats are also directed at individuals. Cybercriminals hack into computers, smartphones, and databases to steal social security numbers, credit card details, and login credentials.

Recent Attacks

In recent months, the U.S. has experienced a spate of ransomware attacks aimed at critical infrastructure, government agencies, and prominent companies. The targets include the Colonial Pipeline, municipal servers, and a meat-producing company, JBS. According to reports, attackers netted ransom money worth approximately $350 million in 2020 alone. Victims paid the ransom using digital currencies – mainly Bitcoin.

Ransomware attacks also affected healthcare centers, police departments, educational institutions, and the state government in 2020.

The United States witnessed a sharp rise in ransomware attacks following the Colonial Pipeline hack. Cities and ferries took hits as bad actors intensified their illegal activities.

According to recent reports, hacker groups have been targeting federal networks for many years. More than three billion attacks occur in the United States annually. Hardening network security, however, comes at a significant cost. A Bloomberg study revealed that government agencies could block up to 95 percent of attacks by increasing cybersecurity budgets sevenfold.

Sources of Attacks

A report presented to Congress in 2011 showed that China and Russia employ hacking to steal sensitive technology and economic information. The report stated that these two countries adopted the strategy as part of their national policies. Information stolen from the United States helps Russia and China gain a competitive advantage. Both countries view the U.S. as a strategic competitor.

China boasts the most advanced cyber espionage and warfare capabilities. It leverages its extensive resources to launch aggressive cyberattacks on the United States and other countries. The Asian country hosts countless hacker groups and cyber warfare military units. These groups and units work tirelessly to deploy logic bombs in strategic U.S. targets.

Meanwhile, Russia takes advantage of its technological prowess to launch sophisticated attacks against specific targets. The country allegedly launched attacks against Estonia and Georgia’s government and banking websites.


The Colonial Pipeline incident triggered serious concerns about cybersecurity in the oil industry. It forced President Joe Biden to sign an executive order to harden cyber defenses of the nation’s businesses, government agencies, and critical infrastructure.

Congress approved a bill to invest $500 billion in local and state cybersecurity. However, various stakeholders still need to implement more changes before the crisis comes under control. Some experts recommend enforcing strict cybersecurity guidelines for privately owned critical infrastructure.

Approximately 85 percent of critical infrastructure in the United States is in private hands. The companies operate water systems, electric grids, and pipelines. A significant portion of the critical infrastructure is vulnerable to ransomware attacks and other cyber threats.

Experts consider the ransomware problem far from over. As such, private companies and the government need to invest heavily in robust measures to thwart future threats.


Law enforcement agencies face considerable challenges when it comes to stopping the spate of cyberattacks. Hacking groups and state actors employ highly sophisticated tactics from multiple locations worldwide. In some cases, governments help protect criminals from prosecution or extradition.

Limited consequences for cybercrime contribute to the rising number of cases. As a result, American law enforcers explore legal and diplomatic channels to arrest the bad actors. The attackers’ capabilities also present another challenge to intervention efforts by local authorities.

Criminals prefer ransom payments in cryptocurrencies due to anonymity benefits. Colonial Pipeline paid $4.4 million in Bitcoin to recover its systems. Although the FBI confiscated some of the Bitcoin, bad actors claimed some degree of success.

Many cyber criminals use hacking tool kits sold on the dark web. It is also ironic that the National Security Agency (NSA) developed some tools employed by hackers. The tools ended up in the wrong hands after a hacking group known as Shadow Brokers allegedly infiltrated another group run by the NSA.

Shadow Brokers released the tool that helped other cybercriminals unleash the WannaCry ransomware attack. More than 45,000 targets in 99 countries took hits in the attack. The United Kingdom’s National Health Service (NHS) was one of the most prominent targets.
