@ODNIgov has released its "Annual Threat Assessment" and it's made my day - I love this brief (used to be the Worldwide Threat Assessment) and the nuggets it provides. Lots of cyber intel in here. Let's break down some of the key points. 1/x 🧵 docs.house.gov/meetings/IG/IG…
1) China is the most significant US cyber threat: "We assess that China presents the broadest, most active, and persistent cyber espionage threat to U.S. Government and private sector networks." 2/X
2) The Russian cyber threat to US and allied critical infrastructure is high: "Russia is particularly focused on improving its ability to target critical infrastructure (CI), including underwater cables and industrial control systems." 3/x
3) The Russian cyber threat to CI is especially high during a crisis: "because compromising such infrastructure improves and demonstrates its ability to damage infrastructure during a crisis." 4/x
4) Info ops continue to be employed and will become more aggressive: "Beijing is probably reviewing publicly disclosed Russian influence operations and gaining experience from operations that use social media and other technologies against societies in Asia and elsewhere." 5/x
5) We underestimate Iran: Iran was responsible for cyber-attacks on Israeli water facilities. Their successful disruption of CI in Israel, a superior cyber power compared with Iran, reflects its growing willingness to take risks when it believes retaliation is justified. 6/x
6) Similarly, we can't forget about NK: "Pyongyang probably possesses the expertise to cause temporary, limited disruptions of some CI networks and disrupt business networks in the US." Important and concerning. 7/x
7) Emerging tech can be tricky: the rapid expansion of state and non-state use of unmanned vehicles (air & sea domains), could disrupt the status quo b/c air & naval defense assume the primary threat stems from a small number of crewed platforms or ground-based missiles. 8/x
Transnational cybercrime 1: "groups have now diversified business models that engage in direct wire-transfer fraud from victims, or use other forms of extortion alongside or in place of ransomware." 9/x
Transnational cybercrime 2: "In 2020, business-e-mail compromise, identity theft, spoofing, and other extortion schemes ranked among the top five MOST costly cybercriminal schemes." 10/x
#Takeaway: Adversaries and competitors are enhancing and exercising their military, cyber, and other capabilities, raising the risks to U.S. and allied forces, weakening our conventional deterrence, and worsening the longstanding threat from weapons of mass destruction.