AI, IoT and Fake News Highlighted as On-going Cyber Threats
In its statement to the Senate Select Committee on Intelligence on Wednesday, The Intelligence Community combined current and future cyber threats with its overview of kinetic and political threats to America.
Cyber adversaries, warns the Worldwide Threat Assessment of the US Intelligence Community (PDF), “are becoming more adept at using cyberspace to threaten our interests and advance their own, and despite improving cyber defenses, nearly all information, communication networks, and systems will be at risk for years.”
Russia, China, Iran and North Korea are given special reference as cyber threat actors. Russia’s “cyber operations will continue to target the United States and its allies to gather intelligence, support Russian decision-making, conduct influence operations to support Russian military and political objectives, and prepare the cyber environment for future contingencies.”
Cyber activity from China has declined since the bilateral Chinese-US cyber commitments of September 2015, but cyber espionage continues. China also selectively targets individuals or organizations it believes might threaten its domestic regime.
Iran, which the statement describes as “the foremost state sponsor of terrorism”, has already used its cyber capabilities against the US (such as an intrusion into the industrial control system of a US dam in 2013, and the data deletion attack on a US-based casino in 2014).
North Korea has similarly targeted the US, “specifically, Sony Pictures Entertainment in 2014 — and remains capable of launching disruptive or destructive cyber-attacks to support its political objectives.”
Global threats come from terrorists and criminals. ISIS, Hezbollah and HAMAS are sources of terrorist-based cyber threats. In particular, “ISIS will continue to seek opportunities to target and release sensitive information about US citizens, similar to their operations in 2015 disclosing Information about US military personnel, in an effort to inspire attacks.”
Cyber criminals are “developing and using sophisticated cyber tools for a variety of purposes including theft, extortion, and facilitation of other criminal activities.” Ransomware is given special mention.
The statement warns that there are physical, economic and psychological consequences from cyber threats. The physical threats come from attacks on the critical infrastructure and from an increasing likelihood of attacks against critical IoT devices. “If adversaries gain the ability to create significant physical effects in the United States via cyber means, they will have gained new avenues for coercion and deterrence.”
The psychological consequences of attacks from both state and non-state actors can “distort the perceptions and decision-making processes of the target.” It also warns that “even a technically secure Internet can serve as a platform for the delivery of manipulative content crafted by foes seeking to gain Influence or foment distrust.”
Emerging threats come from artificial intelligence (AI), the internet of things (IoT), and perhaps surprisingly, the decline of Moore’s Law.
“The implications of our adversaries’ abilities to use AI are potentially profound and broad. They include an increased vulnerability to cyber attack, difficulty in ascertaining attribution, facilitation of advances in foreign weapon and intelligence systems, the risk of accidents and related liability issues, and unemployment.” Brian Dye, EVP of corporate products, told SecurityWeek that McAfee is already seeing adversaries attempting to poison machine learning (ML) defenses with false positives. The use of ML against ML will hasten this process, and make even advanced network defenses more vulnerable.
The IoT offers a new attack vector for adversaries. “In the future,” warns the Intelligence Community, “state and non-state actors will likely use IoT devices to support intelligence operations or domestic security or to access or attack targeted computer networks.”
The decline of Moore’s Law is likely to reduce the US technology advantage that “underpins many US economic and security advantages… potentially eroding US national security advantages.”
It is not within the remit of this statement to suggest solutions to cyber threats, but it does note that an international agreement on norms of cyber behavior is unlikely in the near future. Cyber norms are often considered to be the best long term hope for cyber stability, but “although efforts are ongoing to gain adherence to certain voluntary, non-binding norms of responsible state behavior in cyberspace, they have not gained universal acceptance, and efforts to promote them are increasingly polarized.”
In short, the Intelligence Community sees no diminution of the cyber threat to the US; newly emerging threat vectors making the situation more difficult; and no immediate sign of any long-term solution.