17 April 2021

New ODNI Report Sees Growing Cyber Threats, COVID-Related Instability

BY PATRICK TUCKER

The pandemic will heighten economic and geopolitical insecurity as some countries struggle with the fallout and China and Russia attempt to use it to their geopolitical advantage, according to the new worldwide threat report from the Office of the Director of National Intelligence. The report also forecasts increasingly destructive and destabilizing cyberattacks as militaries make more use of them.

The yearly report examines various threats to the United States from specific actors — China, Russia, Iran, North Korea and Islamic terrorists — and in areas such as emerging technology, climate, and cybersecurity.

This year’s report includes a section on the worldwide effects of the COVID-19 pandemic, which is “prompting shifts in security priorities for countries around the world.” Governments are increasingly faced with calls to slash military funding, resulting in “gaps...in UN peacekeeping operations; military training and preparedness; counterterrorism operations; and arms control monitoring, verification, and compliance.” Without a rapid recovery, the report projects that the pandemic will make it harder for governments to manage conflict “particularly because the pandemic has not caused any diminution in the number or intensity of conflicts.”

Russia and China play a central role in the report, as they typically do. “Beijing, Moscow, Tehran, and Pyongyang have demonstrated the capability and intent to advance their interests at the expense of the United States and its allies, despite the pandemic,” according to the report, which also mentions China and Russia’s attempts to score geopolitical points through so-called vaccine diplomacy (despite mounting safety concerns around Russia’s vaccine).

A large section on cyber this year highlights the risk of supply-chain disruptions from China and particularly Russia. “A Russian software supply chain operation in 2020...demonstrates Moscow’s capability and intent to target and potentially disrupt public and private organizations in the United States,” it states, a reference to the SolarWinds hack that hit the Departments of Justice and Homeland Security as well as portions of the military’s unclassified network.

“During the last decade, state sponsored hackers have compromised software and IT service supply chains, helping them conduct operations—espionage, sabotage, and potentially prepositioning for warfighting,” the report said. It forecasts that militaries’ increasing forays into the domain “raises the prospect of more destructive and disruptive cyber activity.”

Not all of that activity will come from China and Russia. The report mentions several Iranian attacks on Israeli water systems that occurred between April and June.

North Korea, meanwhile, “probably possesses the expertise to cause temporary, limited disruptions of some critical infrastructure networks and disrupt business networks in the United States, judging from its operations during the past decade, and it may be able to conduct operations that compromise software supply chains.”

John Hultquist, vice president of threat intelligence at Mandiant, said, “Notably missing is a major discussion of Chinese IP theft. There's some limited discussion alongside other strategies they are employing to level up. Focus is on biotech, advanced computing, AI, and other niche technical needs.”

Intelligence leaders are to brief lawmakers on the report in public on Wednesday, resuming a practice that was suspended during the Trump administration. Intelligence heads asked lawmakers to hold the hearings in private because the threat assessment contradicted Trump administration talking points.

The report ends with a special warning on emerging technology and the closing gap between the United States and rival nations like China and Russia. “US leadership in emerging technologies is increasingly challenged, primarily by China. We anticipate that with a more level playing field, new technological developments will increasingly emerge from multiple countries and with less warning.”

No comments: