China, Russia and Iran pose the biggest threats of computer attacks to spy on U.S. companies and steal their trade secrets, according to a report from the Office of the Director of National Intelligence.
The three countries have conducted sophisticated, large-scale hacking attacks across multiple U.S. industries, targeting the networks of technology and manufacturing contractors, defense contractors and utilities, according to the 20-page report compiled by office’s National Counterintelligence and Security Center.
There’s no sign the cyber thefts will stop.
“We anticipate that China, Russia, and Iran will remain aggressive and capable collectors of sensitive U.S. economic information and technologies, particularly in cyberspace,” the intelligence center said. “All will almost certainly continue to deploy significant resources and a wide array of tactics to acquire intellectual property and proprietary information.”
Russian government hackers compromised dozens of U.S energy companies in 2017, including their operational networks, according to the report.
“The threat to U.S. technology from Russia will continue over the coming years as Moscow attempts to bolster an economy struggling with endemic corruption, state control, and a loss of talent departing for jobs abroad,” the counterintelligence center said.
Most Chinese cyberattacks against U.S. industry are focused on defense contractors and technology and communications companies “whose products and services support government and private sector networks worldwide,” according to the report.
China reached an agreement with the U.S. in 2015 to stop conducting digital economic espionage. Attacks from China have lessened since then but still continue, the counterintelligence center said.
Iran is described as taking a noticeable turn in 2017 toward targeting U.S. networks, as it seeks to expand industries unrelated to oil.
“We believe that Iran will continue working to penetrate U.S. networks for economic or industrial espionage purposes,” according to the report. “Iran’s economy — still driven heavily by petroleum revenue — will depend on growth in non-oil industries, and we expect Iran will continue to exploit cyberspace to gain advantages in these industries.”
Looking ahead, the counterintelligence office said software vulnerabilities will continue to let hackers insert malicious code into U.S. networks.
Additionally, new laws put in place by other countries might require U.S. companies to submit their software code for security reviews or store their data locally in the host country.
“A range of other potentially disruptive threats warrant attention,” the counterintelligence agency said. “Cyber threats will continue to evolve with technological advances in the global information environment.”
© 2018 Bloomberg News
Distributed by Tribune Content Agency, LLC.