Russia and China are capable of disrupting critical infrastructure in the United States, and Iran is not far behind, according to the Worldwide Threat Assessment made public by the U.S. intelligence community on Tuesday.
The assessment covers a wide range of threats, including cyber. Similar to the reports published in the past years, it warns that the US’s adversaries and competitors will increasingly use their cyber capabilities for political, military and economic advantage.
China and Russia continue to pose the biggest threat, but Iran, North Korea, non-state terrorists and profit-driven cybercriminals should not be ignored either, intelligence agencies said.
China and Russia pose a threat not only for their cyber espionage capabilities, but also due to their influence operations and their ability to generate “localized, temporary disruptive effects on critical infrastructure.” The theoretical examples provided in the report describe China disrupting a natural gas pipeline for days or weeks, and Russia causing a power outage that lasts for at least a few hours.
Spy agencies have also warned that Iran is “also attempting to deploy cyber attack capabilities that would enable attacks against critical infrastructure in the United States and allied countries.” It is believed that Iranian hackers could disrupt a large company’s corporate networks for days or weeks, as demonstrated by the Shamoon attacks.
As for North Korea, intelligence officials are concerned about its ability to steal money from banks, conduct cyber espionage, and launch disruptive cyberattacks.
The threat assessment also describes online influence operations and attempts to interfere with elections. It is widely believed that Russia put a lot of effort into influencing the outcome of the 2016 presidential election in the United States and intel chiefs now warn that Russia, China, Iran and other adversaries have probably already started making plans for the 2020 elections.
“US adversaries and strategic competitors almost certainly will use online influence operations to try to weaken democratic institutions, undermine US alliances and partnerships, and shape policy outcomes in the United States and elsewhere,” National Intelligence Director Daniel Coats said in a statement before the Senate Select Committee on Intelligence.
“We expect our adversaries and strategic competitors to refine their capabilities and add new tactics as they learn from each other’s experiences, suggesting the threat landscape could look very different in 2020 and future elections,” Coats added.
Intelligence agencies are concerned not only about influence operations, but also about attempts to directly manipulate or disrupt election systems. This includes tampering with voter registration or disrupting vote counting in an effort to alter data or call into question the voting process.
Related: U.S. Intel Budget Soars Under Trump
Related: The United States and China – A Different Kind of Cyberwar
Related: U.S. Companies Urged to Protect Against Foreign Government Hackers

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation
- GoAnywhere MFT Users Warned of Zero-Day Exploit
- UK Car Retailer Arnold Clark Hit by Ransomware
- EV Charging Management System Vulnerabilities Allow Disruption, Energy Theft
- Unpatched Econolite Traffic Controller Vulnerabilities Allow Remote Hacking
- Google Fi Data Breach Reportedly Led to SIM Swapping
- Microsoft’s Verified Publisher Status Abused in Email Theft Campaign
- British Retailer JD Sports Discloses Data Breach Affecting 10 Million Customers
Latest News
- Big China Spy Balloon Moving East Over US, Pentagon Says
- Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty
- Cyber Insights 2023: Venture Capital
- Atlassian Warns of Critical Jira Service Management Vulnerability
- High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation
- Exploitation of Oracle E-Business Suite Vulnerability Starts After PoC Publication
- China Says It’s Looking Into Report of Spy Balloon Over US
- GoAnywhere MFT Users Warned of Zero-Day Exploit
