Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Governance & Risk Management

US Counterintelligence Outlines 5 Key Priorities

Protecting Infrastructure, Intellectual Property Among Top Concerns

The agency that leads counterintelligence efforts for the U.S. has listed five key priorities for the year ahead that go far beyond protecting government secrets.

See Also: 2020 Cyberthreat Defense Report

In documents published by the U.S. Office of the Director of National Intelligence on Monday, the National Counterintelligence and Security Center notes that its priorities for 2020 are: protecting critical infrastructure; reducing threats to U.S. supply chains; guarding against the theft of corporation's intellectual property; battling against influence campaigns aimed at undermining democracy; and guarding against the use of new technologies, such as 5G and the internet of things, for spying.

"While past counterintelligence strategies categorized the threat by our top foreign nation-state adversaries, this one focuses on five key areas where foreign intelligence entities are hitting us hardest and where we need to devote greater attention," said William Evanina, the director of the National Counterintelligence and Security Center.

The report also says that the U.S. faces national security threats from countries such as Russia, China, Iran, Cuba and North Korea, as well as non-state entities such as ISIS. The report also outlines concerns stemming from "hacktivists, leaktivists and those with no formal ties to foreign intelligence services."

The National Counterintelligence and Security Center report notes that threat actors now have access to a wider range of cyber and espionage tools, including malware, encryption technology, big data analytics and biometric devices. These can be used to attack private businesses, academic institutions and government agencies. And they also can be used to sway public opinion, according to the report.

The report comes in the same week that the U.S. Justice Department announced that a federal grand jury indicted four members of China's People's Liberation Army for hacking into Equifax in 2017 and stealing data on 145 million American citizens.

Also, the U.S. is keeping up its efforts to convince its allies to ban the use of equipment from Chinese telecom equipment maker Huawei in the development of 5G networks, stating that the equipment could be used for spying and espionage by the Chinese government.

Five Priorities

One of the main threats identified by the National Counterintelligence and Security Center is attacks that focus on critical infrastructure.

Foreign adversaries could exploit vulnerabilities in networks to target businesses and organizations that underpin the U.S. energy sector or financial markets, which would cause widespread disruptions not only in the U.S., but around the world as part of a ripple effect, according to the report.

Officials at the center plan to expand information sharing with other government agencies and the private sector, including the owners and operators of critical infrastructure. The center also plans to form and train a community of officers to detect and counter threats to U.S. critical infrastructure and provide them with new analytic tools to help them prioritize threats.

The report also emphasizes that U.S. intelligence agencies need to do more to protect the country's supply chain, which includes a new emphasis on identifying high-risk software vendors and other firms selling technology services to American firms and government agencies. The risks include adversaries attempting to plant malware within IT networks and telecommunication equipment, according to the report.

Protecting against threats to intellectual property is another significant concern, according to the report.

"Adversaries use front companies, joint ventures, mergers and acquisitions, foreign direct investment and talent recruitment programs to gain access to and exploit U.S. technology and intellectual property," the report states.

To counter these types of threats, the center plans to increase information sharing with the private sector as well as develop new procedures to track foreign investment in the U.S.

The center also plans to counter the types of foreign influence campaigns that have targeted U.S. citizen and voters with disinformation, especially near election time. This has also been a priority for U.S. law enforcement, such as the FBI, as well as the U.S. Department of Homeland Security, which has been working with social media firms and tech companies (see: Report: US Struggled to Counter 2016 Election Interference).

In addition, the center will work to thwart efforts leveraging new technologies to collect intelligence and conduct cyber operations against the U.S. This is in line with U.S. efforts to convince its allies to ban the use of Huawei equipment in 5G networks (see: UK Considers Limited Role for Huawei in 5G Rollout: Report).

More Cooperation

Throughout the center's document, the emphasis is on greater cooperation among government agencies and the private sector.

"With the private sector and democratic institutions increasingly under attack, this is no longer a problem the U.S. government can address alone. It requires a whole-of-society response involving the private sector, an informed American public, as well as our allies," Evanina says.

A glimpse of that cooperation was spotted in January, when the U.S. National Security Agency publicly disclosed a significant vulnerability in some versions of Microsoft Windows. In the past, the NSA was likely to have kept knowledge of that flaw to itself as part of its cyber capabilities, but this time it chose to make the disclosure to help head off a potential attack (see: NSA Uncovers 'Severe' Microsoft Windows Vulnerability )