“Increasingly aggressive and complex threats” from foreign intelligence call for a comprehensive deterrence and detection plan to combat insider threats, theft of sensitive information, hacking and even “assassination attempts by foreign intelligence services” on U.S. soil, National Counterintelligence and Security Center Director Bill Evanina said in the new National Counterintelligence Strategy.
“It is essential that we engage and mobilize all elements of United States society and fully integrate sound counterintelligence and security procedures into our business practices, and strengthen our networks against attempts by foreign threat actors or malicious insiders to steal or compromise our sensitive data, information, and assets,” Evanina wrote in the report.
“Foreign threat actors have become more dangerous because, with ready access to advanced technology, they are threatening a broader range of targets at lower risk,” states the strategy, which focuses on five areas: critical infrastructure, key U.S. supply chains, the U.S. economy, foreign influence on American democracy, and cyber and technical operations.
“The number of actors targeting the United States is growing. Russia and China operate globally, use all instruments of national power to target the United States, and have a broad range of sophisticated intelligence capabilities. Other state adversaries such as Cuba, Iran, and North Korea; non-state actors such as Lebanese Hizballah, ISIS, and al-Qa’ida; as well as, transnational criminal organizations and ideologically motivated entities such as hacktivists, leaktivists, and public disclosure organizations, also pose significant threats. Additionally, foreign nationals with no formal ties to foreign intelligence services steal sensitive data and intellectual property.”
Additionally, the report notes, threat actors “have an increasingly sophisticated set of intelligence capabilities at their disposal” and are “targeting most U.S. government departments and agencies — even those without a national security mission — as well as national laboratories, the financial sector, the U.S. industrial base and other private sector and academic entities.”
“The ever-changing technology landscape is likely to accelerate these trends, threatening the security and economic well-being of the American people and eroding the United States’ economic, military, and technological advantage around the globe,” the report adds, noting how emerging technologies such as artificial intelligence, quantum computing, nanotechnology, advanced materials, improved encryption, robotics, and the Internet of Things can empower spies.
The strategy vows to “expand critical infrastructure information exchanges with federal departments and agencies; with state, local, tribal, and territorial governments; and with private sector partners, and allies,” “develop, train, and retain a community of officers across government who can identify and counter threats to U.S. critical infrastructure,” and “develop new analytic tools to improve threat warning and enable offensive and defensive operations.”
On supply chain threats, the U.S. plans to “enhance capabilities to detect and respond to supply chain threats,” “advance supply chain integrity and security across the federal government,” and “expand outreach on supply chain threats, risk management, and best practices.”
To counter exploitation of the U.S. economy, the U.S. plans to “improve detection of foreign threats to our national innovation base,” “broaden awareness of foreign intelligence threats to the U.S. Economy,” and “identify and counter foreign investments in the United States that pose a national security threat.”
Stressing that “our adversaries are using a range of communications media to enable their covert influence campaigns,” the strategy is to “advance our counterintelligence capabilities and activities to detect, deter and counter foreign influence activities,” “strengthen partnerships across U.S. Government departments and agencies; with state, local, tribal, and territorial governments; and with the private sector,” and “deepen existing and develop new foreign partnerships” to “raise awareness of foreign influence activity, share lessons learned and best practices, and inform decisions to counter threats.”
And to confront the threat of often “low-cost, efficient, deniable, and high-yield” cyber attacks, the government plans to “advance the integration of the counterintelligence, security and cyber communities to better detect, deter, and counter the threats from foreign intelligence cyber actors,” “develop, train, and retain a cadre of cyber counterintelligence and technical security experts,” and “enhance our cyber counterintelligence toolkit” — in other words, “develop and acquire new capabilities to track and counter foreign cyber and technical operations against the United States and leverage partnerships with the private sector to develop effective countermeasures.”
The strategy stresses that implementation will require a whole-of-society approach to successfully counter threats.
“Increased collaboration among counterintelligence, industry, and academic leaders will deepen our understanding of foreign adversary intentions and capabilities and foster joint capabilities to detect and defend against threats,” it states, adding that the government plans to “develop counterintelligence information repositories that enable indications and warnings and mitigations of potential foreign threats to the United States.”