Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

U.S. Intel Community: Russia, China Can Disrupt Critical Infrastructure

Russia and China are capable of disrupting critical infrastructure in the United States, and Iran is not far behind, according to the Worldwide Threat Assessment made public by the U.S. intelligence community on Tuesday.

Russia and China are capable of disrupting critical infrastructure in the United States, and Iran is not far behind, according to the Worldwide Threat Assessment made public by the U.S. intelligence community on Tuesday.

The assessment covers a wide range of threats, including cyber. Similar to the reports published in the past years, it warns that the US’s adversaries and competitors will increasingly use their cyber capabilities for political, military and economic advantage.

China and Russia continue to pose the biggest threat, but Iran, North Korea, non-state terrorists and profit-driven cybercriminals should not be ignored either, intelligence agencies said.

Cyber threat assessmentChina and Russia pose a threat not only for their cyber espionage capabilities, but also due to their influence operations and their ability to generate “localized, temporary disruptive effects on critical infrastructure.” The theoretical examples provided in the report describe China disrupting a natural gas pipeline for days or weeks, and Russia causing a power outage that lasts for at least a few hours.

Spy agencies have also warned that Iran is “also attempting to deploy cyber attack capabilities that would enable attacks against critical infrastructure in the United States and allied countries.” It is believed that Iranian hackers could disrupt a large company’s corporate networks for days or weeks, as demonstrated by the Shamoon attacks.

As for North Korea, intelligence officials are concerned about its ability to steal money from banks, conduct cyber espionage, and launch disruptive cyberattacks.

The threat assessment also describes online influence operations and attempts to interfere with elections. It is widely believed that Russia put a lot of effort into influencing the outcome of the 2016 presidential election in the United States and intel chiefs now warn that Russia, China, Iran and other adversaries have probably already started making plans for the 2020 elections.

“US adversaries and strategic competitors almost certainly will use online influence operations to try to weaken democratic institutions, undermine US alliances and partnerships, and shape policy outcomes in the United States and elsewhere,” National Intelligence Director Daniel Coats said in a statement before the Senate Select Committee on Intelligence.

“We expect our adversaries and strategic competitors to refine their capabilities and add new tactics as they learn from each other’s experiences, suggesting the threat landscape could look very different in 2020 and future elections,” Coats added.

Advertisement. Scroll to continue reading.

Intelligence agencies are concerned not only about influence operations, but also about attempts to directly manipulate or disrupt election systems. This includes tampering with voter registration or disrupting vote counting in an effort to alter data or call into question the voting process.

Related: U.S. Intel Budget Soars Under Trump

Related: The United States and China – A Different Kind of Cyberwar

Related: U.S. Companies Urged to Protect Against Foreign Government Hackers

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...