Cybercrime , Fraud Management & Cybercrime , Government

How Global Threat Actors May Respond to a Second Trump Term

Experts Warn of Intensifying Global Cyber Threats During a Second Trump Presidency
How Global Threat Actors May Respond to a Second Trump Term
Experts warn of intensified Russian attacks on countries aligning with the European Union. (Image: Shutterstock)

Global threat actors are already prepping for former President Donald Trump's second term, say cybersecurity experts who predict intensified Russian hacktivism, escalated attacks on Western countries and increased AI-driven disinformation in conflict regions.

See Also: Advancing Cyber Resiliency With Proactive Data Risk Reduction

Under President Joe Biden, the United States announced a series of indictments and law enforcement actions against Russian threat actors for their involvement in global disinformation campaigns (see: US Busts Russian AI-Driven Disinformation Operation). Security researchers say that Trump’s return to the White House could motivate the Kremlin to escalate cyberattacks on Moldova and other countries aligning with the European Union, with recent Russian activity in the Balkans already targeting government entities to weaken infrastructure and erode trust in Western alliances.

"An emboldened Russia might increase DDoS attacks against western leaning states in the Balkans, Georgia, and Moldova while increasing the use of AI-generated disinformation campaigns throughout Western Europe," said Lou Steinberg, founder of the cybersecurity research lab CTM Insights. Steinberg told Information Security Media Group that Russia has targeted countries in the region like Kosovo for its support of Ukraine, as well as countries like Moldova "to undermine trust as countries drift closer to EU membership."

"Buckle up, it's likely to be a bumpy ride," he said.

A second Trump presidency could also exacerbate cyber threats in the Middle East as regional groups escalate DDoS attacks on Israel’s allies and Iran covertly targets Western infrastructure to deter support for Israel. The domestic and global cyber threat landscape may even escalate to new heights in the coming months during a potentially turbulent political transition, according to Neal Higgins, attorney at Eversheds Sutherland and former deputy national cyber director for cybersecurity at the Office of the National Cyber Director.

"Pressure from our adversaries remains constant, and they will look for any opening to advance cyber and information operations targeting our critical infrastructure, economy, and political discourse," Higgins said. "That’s why it’s essential that we not let our guard down during a time of transition."

Trump has yet to announce key cyber positions in his transition team and administration, though experts have previously indicated the former president could seek to reshape federal approaches to AI regulation, industry investment and national security (see: How Trump's Victory May Spark Tech and Cyber Policy Shift). Threat actors will likely target governments included in NATO while capitalizing on uncertainty surrounding the direction of the alliance under a second Trump presidency said Jeff Le, vice president of global government affairs and public policy for SecurityScorecard.

"These traditional spheres of Russian influence may be more target-rich as potential Western divisions foment," Le told ISMG. "Hitting additional countries could spread Western allies thin in a coordinated response."

Experts predict heightened aggression from China and North Korea, with Beijing intensifying cyberattacks on critical infrastructure, potentially mirroring the Salt Typhoon campaign. Congress demanded responses from telecom giants in October after reports that suspected Chinese hackers linked to the Salt Typhoon group breached major broadband providers' infrastructure, targeting systems involved in court-authorized wiretaps (see: Congress Seeks Urgent Action After Chinese Telecom Hack).

North Korea is expected to continue targeting cryptocurrency funds, reinvesting funds into advanced cyber tools.

Ransomware groups could see a resurgence, especially if the international ransomware initiatives created under the Biden White House lose focus under the new administration (see: White House Pledges Major Deliverables at Ransomware Summit).

"It's no secret that times of uncertainty, change and disruption are prime opportunities for threat actors to increase efforts to infiltrate systems," said Brian Fox, chief technology officer for the software supply chain management firm Sonatype, noting how the Cybersecurity and Infrastructure Security Agency "plays a vital role in defending our government's infrastructure and defense systems from nation-state threats."

"It will be imperative for national security efforts for CISA to continue to play a major role in both protecting government infrastructure and guiding private enterprises on best practices," he added.


About the Author

Chris Riotta

Chris Riotta

Managing Editor, GovInfoSecurity

Riotta is a journalist based in Washington, D.C. He earned his master's degree from the Columbia University Graduate School of Journalism, where he served as 2021 class president. His reporting has appeared in NBC News, Nextgov/FCW, Newsweek Magazine, The Independent and more.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.