U.S. National Security Agency (NSA) talks about cyber attacks by Russia, China, Iran and North Korea

The head of the U.S. National Security Agency’s (NSA) cyber division has released his latest assessment of the so-called “Big Four” – Russia, China, Iran and North Korea – foreign nations that have traditionally acted as America’s digital enemies and their latest online activities.

Russia

They are a destructive force. They often seek to disrupt other activities rather than expand their own… They are still active in intelligence-gathering activities against governments (and critical infrastructures), and what is even more concerning is that they are actively exercising their destructive effects around the world. They are actively exercising destructive effects around the world. There is also evidence of advance preparation against US critical infrastructure. All of this is unacceptable and we need to counter it.

China

The scope and scale of China is off the charts. The number of cyber actors in China is far greater than the rest of the world combined. With such large resources, we have found that the elite among them are truly elite.

The sophistication of the Chinese is very good. Defense is very important, but we also have to work on disruption. That’s the (Pentagon’s) strategy of continuous engagement, the idea of adding sand and friction to their operations so that they can’t get to their goals at will

Iran

Iran is still active. When the bank attacks and Shamoon Wiper virus were in the news, Iran was active. It is still actively engaged in aggressive cyber attacks.

But now they are often focused on local activities. But they are capable, and most importantly, dangerous, because their judgment to act rationally and make decisions is impaired.

I don’t think Iran realizes how far over the line it is crossing at times. It has gotten to the point where it is causing anger and concern in the larger society.

North Korea

North Korea is still very much focused on building wealth for the regime.

Because the world can’t sanction North Korea any more.

It turns out that stealing bitcoins is easier than stealing them from the Bangladesh Bank.

They are profiting from the crypto space, so they are not attacking the largest banks as aggressively. As such, they are still active, still a threat, still very capable, but mostly focused on crypto exchanges and making money

Leave a Reply

Your email address will not be published.