US expresses concerns over supply chain cyberattacks

“Our goal in releasing this document is simple: to provide U.S. industry and the public with the latest unclassified information on foreign efforts to steal U.S. trade secrets through cyberspace,” said William R. Evanina, Director of the NCSC. “Building an effective response to this tremendous challenge demands understanding economic espionage as a worldwide, multi-vector threat to the integrity of both the U.S. economy and global trade.”

The report details that despite the opportunities AI and the IoT offer, they will also introduce vulnerabilities to U.S. networks – for which the cybersecurity community is not prepared.

The report identified China, Russia and Iran as the “most pervasive nation-state threat actors”.

It also outlined the sectors of “greatest interest”, including energy, biotechnology, defence, environmental protection, high-end manufacturing, and information and communications technology.

According to a report from the BBC, the worry is that “attackers are looking for ways to exploit computer networks via the privileged access given to technology providers”, with Evanina highlighting software supply infiltration as a key threat, that needed more attention.

The full report is available here.