How to Deter Multidimensional Threats in the Connected World
Malicious actors involved in gang violence, drug trafficking, human smuggling, terrorist recruitment, foreign influence operations, and other activity have dramatically changed their methods of operation to take advantage of new and developing technical capabilities. This changing threat landscape makes it increasingly difficult for law enforcement, targeted communities, and the United States as a nation to respond.
Exploitation of the cyber domain almost always has a harmful impact on the physical world. This takes various forms, such as ransomware groups who identify their unpaying victims on their websites and human smugglers who use social media to facilitate illicit mass migratory movements.
However, malicious actors aren't just exploiting the connected world. In some respects, they're leveraging the connected world to undermine confidence in key institutions in our society, and it's having an impact.
Two years ago, we set out to better understand how threat actors are taking advantage of the online world to grow their criminal enterprises, encourage violent acts, and harm U.S. national security. To identify successes and gaps in tackling these issues, we evaluated findings about the multidimensional threat environment and the current methods used by law enforcement and security officials to counter the threat. In this blog post, we'll review the findings we published in our white paper, "Enhancing Cyber Safety in the Connected World — A National Framework for Action."
A Snapshot of an Evolving Threat Landscape
Globally, there has been a “massive increase” in ransomware attacks, with U.S. entities most heavily targeted, as Director of National Intelligence Avril Haines testified in May 2024. She specifically noted how attacks against the healthcare sector roughly doubled from 2022 to 2023. Additionally, Haines highlighted cyber actors' ongoing attempts to attack U.S. industrial control systems, which are used in many critical sectors, like water, food, agriculture, defense, energy, and transportation.
At the same time, U.S. elections remain a prime target for foreign adversaries, particularly China, Russia, and Iran. Actors from these countries aim to exploit divisions in U.S. society and undermine confidence in democratic institutions, according to a joint warning from the top U.S. security agencies issued in April 2024.
“Nation-state adversaries use information operations and cyber intrusions hand-in-hand to further foreign malign influence goals,” explained the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Office of the Director of National Intelligence (ODNI) in their advisory.
All of these issues are exacerbated by the rise in the availability of generative artificial intelligence (GenAI). Malicious actors with less technical skill are using artificial intelligence to guide and improve aspects of their hacking operations, then-NSA director of cybersecurity Rob Joyce said at a conference at Fordham University.
“We already see criminal and nation state elements utilizing AI. They’re all subscribed to the big name companies that you would expect — all the generative AI models out there,” he said, as quoted by TechCrunch.
Four Pillars of a National Response
Through proof-of-concept initiatives, we found that rapid detection of emerging threats and evolving trends, along with speedy information sharing, is essential for U.S. federal, state, and local officials responsible for violence prevention, national security, and criminal investigations. Along those same lines, we determined that efforts centered around empowering local communities are critical in managing and responding to new and emerging threats.
The result of our efforts is a National Framework for Action developed with input from community groups and partner organizations. This Framework outlines four pillars to confront the problem.
Pillar 1: Improve Analysis on Emerging Threats
Pillar 1 emphasizes the importance of establishing a national, non-government, analytic clearinghouse infrastructure that serves as a repository for multi-source information and issues watches, warnings, forecasts, and analyses of hazardous cyber and online activity. The purpose of this information is to prevent or mitigate the effects of malicious behavior by multidimensional threat actors.
The objectives for Pillar 1 include the following:
- Foster private-public partnerships to better understand how criminals, foreign adversaries, and terrorists use the internet to achieve their operational objectives.
- Focus on acquiring information that improves the efficacy of investigative and crime prevention efforts.
- Educate U.S. state and local law enforcement personnel, civil society organizations, and policymakers regarding the use of social media and other internet-based technologies to inspire, facilitate, and inform illegal and often violent activities by foreign and domestic threat actors.
Pillar 2: Enhance Information Sharing
To better detect and respond to emerging threats, Pillar 2 calls for enhancing the United States' information-sharing capabilities.
Pillar 2 necessitates the creation of a national information sharing platform that fulfills three key objectives. First, it improves geographic mapping of threat-related incidents. Second, it allows for sharing of information regarding emerging threats and active incidents. Third, it integrates information gathering and sharing efforts by U.S. State, Local, Tribal, and Territorial (SLTT) law enforcement and non-government entities to better detect emerging threats.
Pillar 3: Educate and Empower
In support of Pillar 3, we as a community must build public-private partnerships to expand awareness of the new threat landscape as well as develop and implement initiatives that increase communities’ resilience to contemporary threats.
Pillar 3 requires organized and expanded efforts to build local resilience among communities targeted by threat actors. These initiatives must include bridging the gap between the national security community, civil society and philanthropic organizations, and local governments to ensure that everyone understands the threat environment has changed, that federal and state governments cannot address the new threat alone, and that civil society, philanthropic organizations, and local governments must collectively help meet this new challenge.
Pillar 4: Protect
Finally, the National Framework for Action highlights the need to support efforts by local communities to prevent acts of violence and other criminal activity inspired, facilitated, and informed by online activity.
Any national effort to address the evolving threat environment should include establishing a consistent level of capability across the United States for local communities to detect, evaluate, and manage the risk of violence or other illegal activity by those individuals who are influenced by malicious online content. This can be achieved by supporting local efforts to conduct threat/behavioral risk assessments and deploy multi-disciplinary threat management strategies.
A Call to Action for a Whole-of-Society Approach
To make the connected world a safer place for people, businesses, and governments, we must work together to address multidimensional threats with adaptability and nationwide coordination. An effective response should involve government, academia, community groups, faith-based organizations, businesses, and other entities, each of which has a key role in preventing acts of violence and other illegal activity. Additionally, a concerted effort addressing the increasing use of advanced computing like AI by foreign and domestic threat actors as they engage in cyber, physical, and information operations will prepare society to counter these threats in the future.
This National Framework is a call to action that, if implemented, will support a whole-of-society effort to address this complex, volatile, and evolving threat landscape.