The Department of Homeland Security on Tuesday issued its first ever assessment of threats to the homeland, outlining seven categories but not prioritizing them.
The first of seven sections in the Homeland Threat Assessment (HTA) discusses cyber threats and says Russia and China are the “most capable nation-state cyber adversaries” with Russia having “some of the most sophisticated cyber capabilities in the world” with the ability to “disrupt or damage U.S. critical infrastructure networks via cyber-attacks.” The report also says that Russia also targets U.S. industry and all levels of government with cyber espionage for economic, policy and national security information.
As for China, the HTA highlights the cyber espionage threat that country continues to pose to the U.S. in terms of stealing intellectual property and personally identifiable information, and it also warns that “Beijing’s cyber-attack capabilities will grow,” adding that “China possesses an increasing ability to threaten and potentially disrupt U.S. critical infrastructure.”
North Korea and Iran also pose threats to U.S. information and networks, the DHS assessment says, noting that Iran already poses a “cyber espionage threat and is developing access in the Homeland that could be repurposed for destructive cyber-attacks.”
North Korea’s capabilities for the time being will likely remain focused to criminal activity aimed at making money. Still, North Korea has the potential to expand its attack surface, the HTA says.
“If Pyongyang’s intent changes, however, it probably could quickly build capabilities to conduct broader espionage activity or threaten infrastructure with disruptive cyber-attacks,” DHS says.
In addition to cyber threats, the following sections outlined in the assessment on threats to the homeland are foreign influence operations, U.S. economic security, terrorist threats, transnational criminal organizations, illegal immigration and natural disasters.
DHS, which relied on its own intelligence apparatus for the assessment, says there “likely” will be some attempts using cyber means to “compromise or disrupt infrastructure” related to the presidential elections next month and the Census but it doesn’t name potential actors.
Christopher Krebs, director of the DHS Cybersecurity and Infrastructure Security Agency, said during a meeting of the president’s National Security Telecommunications Advisory Board on Tuesday that so far his agency hasn’t seen much activity from nation-states on U.S. election infrastructure.
The report says that foreign adversaries are active using covert and overt means to influence the U.S. public ahead of the upcoming elections. It points out that Russia has denigrated Democratic presidential candidate Joe Biden but that “Moscow’s overarching objective is to undermine the U.S. electoral process and weaken the United States through discord, division, and distraction in hopes America becomes less able to challenge Russia’s strategic objectives.”
The report says China will continue to target the Trump administration “using overt and covert influence operations” with the aim “to shape the U.S. domestic information environment in favor of China.” It also says that Iran’s influence operations goals are to “support its foreign policy objectives” and to increase social tensions in the United States.”
Threats from white supremacists, which are “racially and ethnically motivated,” represent “the most persistent and lethal threat in the Homeland,” the report says in the section titled, “The Terrorist Threat to the Homeland.”
“Violent extremists will continue their efforts to exploit public fears associated with COVID-19 and social grievances driving lawful protests to incite violence, intimidate targets, and promote their extremist ideologies,” the HTA says.
The report also cites anti-government and anti-authority violent extremists as posing a threat indicated by a “significant uptick in violence against law enforcement and government symbols in 2020.”