China, Russia and Iran pose the biggest threats of computer attacks to spy on U.S. companies and steal their trade secrets, according to a report from the Office of the Director of National Intelligence.
The three countries have conducted sophisticated, large-scale hacking attacks across multiple U.S. industries, targeting the networks of technology and manufacturing contractors, defense contractors and utilities, according to the 20-page report compiled by office’s National Counterintelligence and Security Center.
“Our economic security is our national security,” William Evanina, director of the National Counterintelligence and Security Center, told reporters during a briefing Thursday. “We cannot just get numb to our adversaries stealing our intellectual property and trade secrets.”
There’s no sign the cyber thefts will stop.
“We anticipate that China, Russia, and Iran will remain aggressive and capable collectors of sensitive U.S. economic information and technologies, particularly in cyberspace,” the intelligence center said. in the report “All will almost certainly continue to deploy significant resources and a wide array of tactics to acquire intellectual property and proprietary information.”
A new threat is that hackers are infiltrating corporate networks while software code is being written, Evanina said. That lets the hackers insert malware into the code from the start that will stay as it’s used by consumers and updated.
Russian government hackers compromised dozens of U.S energy companies in 2017, including their operational networks, according to the report.
“The threat to U.S. technology from Russia will continue over the coming years as Moscow attempts to bolster an economy struggling with endemic corruption, state control, and a loss of talent departing for jobs abroad,” the counterintelligence center said.
Most Chinese cyberattacks against U.S. industry are focused on defense contractors and technology and communications companies “whose products and services support government and private sector networks worldwide,” according to the report.
China reached an agreement with the U.S. in 2015 to stop conducting digital economic espionage. Attacks from China have lessened since then but still continue, the counterintelligence center said.
Iran is described as taking a noticeable turn in 2017 toward targeting U.S. networks, as it seeks to expand industries unrelated to oil.
“We believe that Iran will continue working to penetrate U.S. networks for economic or industrial espionage purposes,” according to the report. “Iran’s economy — still driven heavily by petroleum revenue — will depend on growth in non-oil industries, and we expect Iran will continue to exploit cyberspace to gain advantages in these industries.”
Looking ahead, the counterintelligence office said software vulnerabilities will continue to let hackers insert malicious code into U.S. networks.
Additionally, new laws put in place by other countries might require U.S. companies to submit their software code for security reviews or store their data locally in the host country.
“A range of other potentially disruptive threats warrant attention,” the counterintelligence agency said. “Cyber threats will continue to evolve with technological advances in the global information environment.”