In a newly released "Intelligence Insights" paper, INSA's Cyber Council consolidates key information regarding the increased risk of nation-state sponsored cyberattacks on the private sector and offers a list of helpful resources organizations can use to strengthen cyber defenses. The paper notes that on January 6, 2020, the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Homeland Security's cybersecurity arm, posted Alert AA20-006A, "Potential for Iranian Cyber Response to U.S. Military Strike in Baghdad," which recommends that organizations:
- Adopt a state of heightened awareness
- Increase organizational vigilance
- Confirm reporting processes
- Exercise organizational incident response plans
Risk Assessment: Nation-State Threats to the Private Sector
U.S. companies have long been under significant risk of attack by foreign intelligence agencies or their proxies. This is particularly true for industries with highly sensitive data - such as the advanced technology, defense, legal and finance sectors - and for operators of U.S. critical infrastructure.
Nation states targeting private companies, either directly or through proxies, include Russia, China, and North Korea, as well as Iran. Foreign state threats to the U.S. private sector will always exist, and to varying degrees the Iranian escalation represents a heightened threat environment for U.S. and allied interests. The targeting of individual businesses, universities or other organizations by malign actors with nation state resources presents a significant mismatch in cyberspace.
In light of recent U.S. military activities in Iraq, U.S. public and private sector organizations face a heightened threat of offensive cyberattacks from Iran via its official offensive cyber organizations and paid proxies, sympathizers or supporters around the world. While Iranian hackers have attacked U.S. government entities and private companies since as far back as 2011, its tactics and techniques have become extremely advanced, and it is believed that many of Iran’s cyberattacks are intended to lay the groundwork for denial of service and, potentially, kinetic attacks.
Suggested Cybersecurity Resources
National Counterintelligence and Security Center (NCSC) – "Know the Risk, Raise Your Shield"
The NCSC "Know the Risk, Raise Your Shield" campaign includes materials that explains how individual organizations can mitigate threats and raise awareness of the most common threats faced by the private sector. These include risks related to the corporate supply chain, spear-phishing e-mails, social media deception, foreign travel, and mobile devices. NCSC resources.
DHS Cybersecurity and Infrastructure Security Agency (CISA) – National Cyber Awareness System
CISA's National Cyber Awareness System offers five products to help users stay ahead of current security threats. Those with more advanced cyber knowledge can use the Alerts, reports and bulletins to keep updated on current security issues, vulnerabilities, and exploits, while those with less technical savvy can benefit from CISA's security tips CISA resources.
Intelligence and National Security Agency (INSA)
INSA's Cyber Council combines the knowledge of industry, government, and academic experts to provide authoritative and influential insights regarding national security challenges in the cyber domain. Council members work to promote a greater understanding of the cyber threats, challenges, and opportunities that can be addressed effectively through public-private collaboration. Council resources.Read the full Intelligence Insights Here