The National Counterintelligence and Security Center recently described Russia, Iran and China as âthe most capable and activeâ among the foreign entities that pose a cyber intelligence threat to the United States.
The NCSC said in a report entitled âForeign Economic Espionage in Cyberspaceâ that the three countries, using state agencies or third-party hackers, target U.S. companies and organizations in the information technology, defense, energy, finance and other sectors to obtain intellectual property and sensitive data to advance their own national economic and security objectives.
The NCSC predicted that these countries âwill almost certainly continue to deploy significant resources and a wide array of tacticsâ in pursuit of their strategic targets.
Elsewhere in the report, the NCSC pointed out the risk posed by software supply chain attacks, where hackers, possibly acting on behalf of adversarial governments, infiltrate an applicationâs distribution mechanism and push out compromised copies with the aim of stealing end-user data.
The NCSC said that cyber actors are âclearly targeting software supply chains to achieve a range of potential effects,â adding that such a tactic âhas already threatened the critical infrastructure sector and could threaten other sectors as well.â