In a recent threat assessment report, the intelligence community has warned that U.S. adversaries are increasingly using cyberspace to attack the country. Nation-states are now using cyber operations to target the critical infrastructure of the targeted countries, which raises the possibility of more destructive cyber activity.
What’s in the report?
The report is compiled by the Office of the Director of National Intelligence. It states that nation-state actors are attempting more aggressive cyber operations that could affect the civilian populations as well.
The assessment says that China is a prolific and effective cyber-espionage threat that possesses notable cyberattack capabilities. China’s pursuits of technologies increase the risk of cyberattacks against the U.S.
Iran is carrying out influence operations in cyberspace, along with spreading disinformation online about the U.S., in which it is spreading fake threats, recirculating anti-U.S. content, and other things.
North Korea has committed several online crimes against financial institutions as well as cryptocurrency frauds to fund its government programs (such as its missile and nuclear programs).
In addition, North Korea could have possessed the capability to cause temporary and limited disruptions of some critical infrastructure networks and interrupt business located in the U.S.
Recent attacks on U.S. agencies and businesses
The U.S. is continuously being targeted by state-sponsored threat groups for intelligence gathering, disruption, or other purposes. In recent months the country has faced several state-sponsored cyberattacks.
The U.S. agencies NSA, the FBI, and CISA, and the U.K.'s NCSC have accused APT29, the Russia- based threat group, to be responsible for the SolarWinds software supply chain attack that exposed approximately 18,000 customers worldwide.
An Iran-based threat group, Charming Kitten, ran a highly targeted credential-theft campaign. It targeted research facilities and senior workers of medical institutions in the U.S.
Conclusion
State-sponsored adversaries are expected to continue using cyber tools to target the U.S. and foreign businesses. In addition, major adversaries are enhancing their cyber capabilities that raise the risks to the U.S. and allied forces. Thus, organizations need to be prepared to defend themselves with adequate security measures in place.