Cyber attacks, regional conflicts, weapons of mass destruction, terrorism, commercial spyware, AI, disinformation, disinformation, deepfakes and TikTok. These are just some of the top perceived threats facing the United States, according to the latest Global Risk Assessment by the US Government Intelligence Agency.
The unclassified report released Monday — disinfected for public circulation — provided a candid annual window into the collective mind of the U.S. intelligence community about the threats it sees facing the U.S. homeland based on its vast intelligence collection banks. Now, in an election year, top US spies are increasingly citing emerging technology and cyber security as a factor in assessing the national security posture.
In one unclassified session with the Senate Intelligence Committee on Monday, the top leaders of the US government’s intelligence agencies – including the FBI, NSA, CIA and others – testified to lawmakers largely to answer their questions about the current state of global affairs .
Here’s what we learned from the hearing.
At least 74 countries use commercial spyware
In recent years, the US government has turned its attention to the government spyware industry, which currently consists of companies such as NSO Group and Intellexa, and previously Hacking Team and FinFisher. In its annual report, the intelligence community wrote that, “from 2011 to 2023, at least 74 countries contracted private companies to acquire commercial spyware, which governments increasingly use to target dissidents and journalists.”
The report did not specify where the intelligence community got that number, and the Office of the Director of National Intelligence did not respond to a request for comment seeking clarification.
But last year, the Carnegie Endowment for International Peace, a think tank in Washington, DC, published a report on the global spyware industry which included the same number of countries as well as the same dates as the new intelligence community report. The Carnegie report, written by Steven Feldstein and Brian Kot, is cited data collected by bothwhich they said came from sources including digital rights groups and security researchers who have studied the spyware industry such as Citizen Lab, the Electronic Frontier Foundation and Privacy International, as well as news reports.
It is important to note that the Carnegie dataset, such as the authors explained last year, includes what we call government or commercial eavesdropping, meaning tools for remote hacking and remote monitoring of targets, such as those made by NSO and Intellexa. But it also includes digital forensics software used to extract data from phones and computers that are physically in the possession of authorities. Two of the most well-known manufacturers of this type of tool are Cellebrite and Grayshift, which are widely used in the United States as well as other countries.
The US says it is struggling to tackle ransomware
The US says ransomware poses an ongoing risk to US public services and critical infrastructure because ransomware-related cybercriminals are “improving their attacks, extorting money, disrupting critical services and exposing sensitive data”.
Ransomware has become a global problem, with hacking gangs extorting companies in some cases millions of dollars in ransom payments to get their stolen files back. Some cyber experts have called on governments to permanently ban ransom payments as necessary to stop hackers profiting from cyber crime.
However, the US has eschewed this view and is taking a different approach, choosing to systematically disrupt, dismantle and sanction some of the worst offenders, who are based in Russia and beyond the reach of US justice.
“In the absence of cooperative law enforcement from Russia or other countries that provide cybercriminals with a safe haven or a permissive environment, mitigation efforts will remain limited,” the threat assessment said. In other words, until Russia – and a few other hostile states – give up their criminals, expect ransomware to continue to be today’s snow day.
US warns of growing use of artificial intelligence in influence businesses
The use of genetic AI in digital influence operations is not new, but the widespread availability of AI tools lowers the bar for malicious actors involved in online influence operations, such as election interference and counterfeiting.
The rise of detailed and convincing deepfake images and videos is playing its part in information warfare by deliberately sowing confusion and discord, citing Russia’s use of deepfake images against Ukraine on the battlefield.
“Russia’s influencers have adjusted their efforts to better hide their hand and may use new technologies, such as genetic artificial intelligence, to improve their capabilities and reach Western audiences,” the report warned.
This was something NSA cybersecurity director Rob Joyce echoed earlier in January about how foreign hackers are using chatbot tools to create more convincing phishing messages, but that AI is also useful for digital defense.
The report also noted that China is increasingly experimenting with genetic artificial intelligence, noting that TikTok accounts run by a Chinese military propaganda arm “reportedly targeted candidates from both political parties during the 2022 US midterm election cycle.” .
There are no laws restricting US spies from buying Americans’ data
US spy agencies have caught on to a popular practice: Why get a warrant for data when they can just buy it online? Given how much data we share from our phone apps (which many don’t give a second thought to), US spy agencies simply buy massive amounts of commercially available location and internet traffic data of Americans from data brokers.
How is this legal? After a brief exchange with the head of the Defense Intelligence Agency — one of the agencies confirmed that he bought access to a database containing Americans’ location data — Sen. Ron Wyden noted that the practice was allowed because there is no constitutional or legislative limit on the purchase of commercially available data.
In other words, US spy agencies can continue to buy data on Americans that is readily available for purchase until Congress stops the practice — even if the root of the problem is that data brokers shouldn’t have our data at first.
