Cyber Threat Intelligence Leader Warns of Changing Nature of Attacks
Adversaries are becoming even more assertive and capable of using cyberspace to threaten the United States, says the deputy director of the Cyber Threat Intelligence Integration Center.
As billions more Internet of Things (IoT)-related devices come online, the barrage of cyber threats will not only continue but will target users in new ways. Moreover, the number of adversaries mounting attacks against the United States in cyberspace will continue to grow in the next year, as nation-states, terrorist groups, criminal organizations and others persist in the development of cyber warfare capabilities, Michael Moss, deputy director, Cyber Threat Intelligence Integration Center (CTIIC) warned during recent Congressional testimony.
Appearing before the Senate Committee on the Judiciary's Subcommittee on Crime and Terrorism, Moss raised continued concerns about how adversaries will continue to leverage cyber-based operations as a low-cost tool for cyber attacks.
The deputy director expects Russia, China, Iran, and North Korea to pose the greatest cyber threat to American interests in the next year.
“The risk is growing that some adversaries will conduct cyber attacks—such as data deletion or localized and temporary disruptions of critical infrastructure—against the United States in a crisis short of war,” Moss said. “We believe they will work to use cyber operations to achieve strategic objectives unless they face clear repercussions for their cyber operations.”
Moss anticipates non-state actors to continue cyber-based financial crime, propaganda and messaging. “Our adversaries are becoming more assertive, more capable and more adept at using cyberspace to threaten our interests,” he noted.
Moss stressed that the additional digital devices connecting to the IoT have relatively little built-in security, giving an opening to emboldened nation-states and malignant actors. In addition, while the use of artificial intelligence and IoT has added convenience into daily life and to the management of critical infrastructure, the technologies also present significant risk, he noted. “The potential for surprise in the cyber realm will increase in the next year and beyond,” he stated.
As part of the Office of the Director of National Intelligence (ODNI), CTIIC is charged with building a coordinated understanding of the cyber threats to the United States and its national interests, according to ODNI. CTIIC was authorized by Congress’ Intelligence Authorization Act for Fiscal Year 2016—with further enumeration from a Presidential policy directive—and is one of three federal government leads, in addition to the DHS and FBI, responsible for coordinating the government’s response to significant cyber incidents, the ODNI stated.