Introduction

Cyber has become the connective tissue through critical state, economic, and social systems. As the newest domain, cyberspace encompasses a vast threat landscape and is characterized by a rapid evolution of tactics and techniques. Cyber incidents, involving both state and nonstate actors with differing motivations, have become “more expensive, more disruptive and in many cases more political and strategic.” The disruption of the information technology that underpins modern systems—whether through malicious intrusion or through data manipulation— constitutes an evolving security challenge. In 2021, a water treatment plant in Florida was hacked through remote access and the sodium hydroxide mix remotely changed to dangerous levels before being caught and reversed in real time by the plant operator. It follows high-profile attacks against state agencies, industries, and critical infrastructure such as hospitals and electoral systems, with the increasing sophistication and severity of cyberattacks elevating cybersecurity on the national security and popular agenda. While cybersecurity was once considered a technical issue focusing on CIA (confidentiality, integrity, and availability) of information systems, the field now encompasses social scientists, national security strategists and other professionals who approach cybersecurity from multiple directions.

What does the threat landscape look like in the immediate post-pandemic era? This chapter examines the role of COVID-19 in accelerating two cybersecurity trends. The first is the targeting of critical infrastructure. While critical infrastructure has traditionally been conceived as comprising public utilities, government agencies, and strategic industries, the pandemic has expanded the list of valuable targets to encompass public health infrastructure. This follows the previous expansion of critical infrastructure to include electoral systems in the wake of cyberattacks in 2016. During COVID-19, hospitals, research centers, and related industries were targeted by ransomware demands, exfiltration of sensitive data, and cyberscam operations. As businesses rapidly shifted to online operations, state and nonstate actors took advantage of weaker security protocols and the proliferation of remote work-from-home devices to infiltrate systems.

The second cybersecurity trend is the use of cyber-enabled disinformation, the latest evolution of cyberattacks in the information ecosystem. Malicious actors leveraging the connectivity of modern communication systems use deliberately false or misleading information to undermine collective action, undercut state response, and damage social cohesion.