Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime
Intelligence Report: 4 Nations Pose Serious Cyberthreat to US
ODNI: China, Russia, North Korea, Iran Can Launch Disruptive AttacksChina, Russia, North Korea and Iran continue to pose significant cybersecurity threats to the U.S. because each is capable of launching disruptive attacks, according to a report published Tuesday by the Office of the Director of National Intelligence.
See Also: Critical Infrastructure Cybersecurity & Risk Monitoring: Elections Infrastructure
Threats include disinformation campaigns that target elections and try to undermine democratic institutions as well as aggressive hacking campaigns, such as the SolarWinds supply chain attack, according to the report. In many cases, criminal gangs that maintain mutually beneficial relationships with nation-states pose a threat to the U.S., the report notes.
"Foreign states use cyber operations to steal information, influence populations and damage industry, including physical and digital critical infrastructure," according to the unclassified document. "Although an increasing number of countries and non-state actors have these capabilities, we remain most concerned about Russia, China, Iran and North Korea."
The Office of the Director of National Intelligence released the "Annual Threat Assessment of the U.S. Intelligence Community" report Tuesday ahead of several congressional hearings scheduled this week that will examine a range of threats to the U.S. The first of these hearings is scheduled for Wednesday before the U.S. Senate Select Committee on Intelligence, and the leaders of the FBI, CIA and the National Security Agency are slated to testify.
The report follows a pair of assessments released in March by ODNI and the Department of Homeland Security that confirmed Russia and Iran attempted to interfere in the 2020 presidential election through disinformation campaigns. But the agencies also found no attempt by foreign hackers to directly manipulate vote tabulations or results (see: US Intelligence Reports: Russia, Iran Targeted 2020 Election).
China, Russia, North Korea, Iran
Previous reports over the last several years have also pointed to China, Russia, North Korea and Iran as posing the most significant cyberthreats to U.S. citizens and the federal government (see: Political Play: Indicting Other Nations' Hackers).
"Beijing, Moscow, Tehran and Pyongyang have demonstrated the capability and intent to advance their interests at the expense of the United States and its allies, despite the pandemic," ODNI says in its new report.
The report also notes that as these four nations attempt more aggressive cyber campaigns, other nation-states could be emboldened to attempt similar operations.
Here's a rundown of how the ODNI report sizes up the threats posed by each nation:
China: The nation's cyber capabilities, as well as its investment in newer technologies, continue to grow. As a result, China is capable of launching "localized, temporary disruptions to critical infrastructure" in the U.S. China also conducts cyber intrusions that affect U.S. citizens beyond the country's borders, including hacking journalists and stealing personal information.
Russia: This country continues to target critical infrastructure, including undersea cables and industrial control systems. "Russia almost certainly considers cyberattacks an acceptable option to deter adversaries, control escalation and prosecute conflicts," ODNI says in the report, which notes the nation was likely responsible for the SolarWinds supply chain attack.
North Korea: While its cyber capabilities are not as expansive as Russia's or China's, North Korea can disrupt U.S. critical infrastructure as well as software supply chains. The country is focused on targeting financial institutions and cryptocurrency exchanges both in the U.S. and elsewhere.
Iran: This nation has ramped up its cyber operations and can now target U.S. infrastructure. Iran is spreading disinformation and conducting more sophisticated cyberespionage campaigns, ODNI says.
Threats to Democracy
The report also builds on the assessments released earlier this year that several of these countries are seeking to undermine faith in U.S. democratic institutions and elections through the use of disinformation as well as by attacking journalists and religious minorities.
"Democracies will continue to debate how to protect privacy and civil liberties as they confront domestic security threats and contend with the perception that free speech may be constrained by major technology companies," the report states. "Authoritarian and illiberal regimes, meanwhile, probably will point to democracies’ embrace of these tools to justify their own repressive programs at home and malign influence abroad."