At RSA Conference 2024, David Luber, director of cybersecurity at the National Security Agency (NSA), discussed current trends in the cyber threat landscape with his predecessor, Rob Joyce. The session, titled “State of the Hack 2024: NSA’s Perspectives,” marked the third annual discussion of its kind.
Their conversation explored various facets of cyber threats, including the ongoing Russia-Ukraine conflict, the Chinese hacking ecosystem, and the rising frequency of attacks targeting critical infrastructure. Luber emphasized the dangers of cyberattacks impacting physical systems, stating, “I think the area of most concern for me is when cyber can turn to physical.”
He elaborated, stressing that incidents involving critical infrastructure can have significant consequences, such as water systems overflowing. “You can just use your imagination on where some of those physical manifestations and impacts can occur,” Luber noted.
A primary focus of their conversation was the looming threat posed by Volt Typhoon, a Chinese nation-state hacking group known for its ability to evade detection and target critical infrastructure. Both Luber and Joyce expressed concern about increasingly emboldened cyber threat actors. “At some point, somebody’s going to land one of these in a place against critical infrastructure that’s going to matter,” said Joyce.
He cautioned that attackers may not fully understand the implications of their actions, possibly tipping the scales with catastrophic consequences. They also highlighted the recent Change Healthcare cyberattack, a significant issue for healthcare cybersecurity professionals.
“Just this year, the focus has been heavily on the Change Healthcare incident. That particular case had a significant impact on the U.S. economy and healthcare services,” he said.
Luber reiterated the national security implications of ransomware attacks, referencing the Colonial Pipeline incident, which first brought the issue to the forefront.
Joyce emphasized the importance of building resilient systems to minimize the need for ransomware payments. The NSA, he assured, remains committed to countering these threats while encouraging security professionals to stay vigilant and informed, leverage industry-government partnerships, and strengthen cybersecurity defenses.