CyberWire staff | thecyberwire.com
US Intelligence Community now assesses China as a top global threat.
After almost twenty years of emphasizing Islamic terrorism, the Intelligence Community’s (IC’s) Annual Threat Assessment lists China, Russia, Iran, and North Korea as the chief threats to national security, NPR reports, noting that the “order of the topics presented… does not necessarily indicate their relative importance or the magnitude of the threats.” Members of the IC will brief Congress on the report today and tomorrow.
The assessment describes China as “increasingly…a near-peer competitor, challenging the United States in multiple arenas — especially economically, militarily, and technologically,” observing that the CCP “is pushing to change global norms.” NBC adds that China is “doubling its nuclear capacity, besting American capabilities in space and expanding its influence abroad.” President Biden has pledged a strong stance on Beijing, without getting into specifics.
The document characterizes cyber threats as “intertwined” with foreign threats and infrastructure risks. Direct attacks on infrastructure are given prominence in the assessment, but there’s also considerable attention paid to influence operations, including disinformation.
Some industry comment on the Assessment has come in. Garret Grajek, President and CEO of YouAttest, observed that a lot of the incidents mentioned in the Assessment occurred in areas that were already highly regulated, and that he’s concerned the report might prompt uncritical expansion of regulation and its attendant compliance burden:
“The message is serious because the situation is serious. My fear as an identity professional for 30 years is that more regulation will occur because of the threat. Every one of these hacks occurred to enterprises that were under some sort of regulation – be it SOX, PCI-DSS, HIPAA or self-mandated regulations like ISO 27001 or HITRUST. The problem in today’s environment is that the audit/compliance process is NOT adding enough value to the overall security posture of the enterprise.
“Audit/compliance is seen as a data gathering activity in most enterprises. It’s gathering information on the changes and the reason/justification of the changes. This is a complete misappropriation of resources – both time and money. The change information should be automatically formatted into a compliance conducive format – where no effort is needed at “audit time” to search/retrieve records.”
Saryu Nayyar, CEO of Gurucul, sees confirmation of the well-known, continuing, high tempo of offensive cyber operations from familiar adversaries:
“Cyberattacks are not slowing down. The recent cyber espionage attacks involving Russia and China that exploited SolarWinds and Microsoft Exchange vulnerabilities demonstrate the intensity of these threats to our national security.
“The Annual Threat Assessment report essentially says that China wants to rule the world, and will stop at nothing to attack the U.S. Homeland. Ironically, China already leads the world in surveillance systems. Too bad our own government hasn’t deployed sophisticated monitoring platforms like behavioral analytics to proactively identify and mitigate these cyber espionage cyberattacks.
“Meanwhile, it’s no surprise that Russia continues to be a top cyber threat to the U.S., intentionally targeting our critical infrastructure. We need to be much more prepared to defend our electric grid, industrial control systems, and underwater cables. The best defense is a full stack offense which again includes cyber defenses powered by machine learning like security analytics.”