Despite dominating the headlines lately, Russia is not the only foreign cyberthreat endangering U.S. digital assets.
According to oral and written testimony from top intelligence officials, more than 30 nations are developing offensive cyberattack capabilities as of late 2016, including China, which continues to conduct cyber espionage operations against the U.S. assets.
James Clapper, the director of national intelligence; Marcel Lettre, undersecretary of defense for intelligence; and Admiral Michael Rogers, director of the National Security Agency and commander of the U.S. Cyber Command, appeared on Thursday before the U.S. Senate Committee for Armed Services to address non-domestic cyberthreats facing the nation. In their testimony, the three men warned that China, Iran, North Korea, terrorist groups and cybercriminal gangs all constitute viable threats, in addition to Russia.
“The Russians are the peer competitor to us, but I look at other nations. You look at China for example and the level of capability and investment they're making. I'm watching their abilities rise significantly,” said Admiral Rogers during the hearing. Rogers also said that Iran's and North Korea's capabilities “are currently at a moderate level,” but cautioned that the two nations have demonstrated a “willingness to employ cyber in some very aggressive ways that would be way beyond our normal risk...”
According to the joint testimony, China continues to conduct cyberespionage operations on U.S. government entities and corporations, despite a September 2015 bilateral agreement in which the two nations agreed not to support attacks on corporate data for economic advantage. The intel officials acknowledged that such activity has been occurring at a reduced level since the diplomatic campaign, and “without confirmation that stolen data was used for commercial gain.”
The written testimony also noted that China has also launched cyberattacks “against foreign targets that it probably believes threaten Chinese domestic stability or regime legitimacy.” It also warned that Iran continues to engage in cyberespionage propaganda and attacks, North Korea remains a threat after being linked to the infamous 2014 Sony Pictures hack, and terrorist groups “continue to use the Internet to collect intelligence, coordinate operations, raise funds, spread propaganda and incite action.”
In their joint written testimony, Clapper and his colleagues expressed concern over the rapid development of “disruptive, advanced technologies” across a highly connected world that give adversaries capabilities that were not possible a few years ago. Such threats compel the intelligence community and U.S. Cyber Command to harden systems and engage with partners more thoroughly, they noted.