To enhance private sector awareness, the U.S. government is highlighting the biggest threats faced by American companies from enemy states.
Amid growing concern over cyberespionage, the U.S. National Counterintelligence and Security Center (NCSC) is arming companies with key information to understand and fend off threats from foreign intelligence entities and other adversaries.
Underscoring threats faced by U.S. companies, the NCSC mentions last month’s indictment of several actors associated with China’s Ministry of State Security, charges brought against a North Korean state-backed actor for his role in the WannaCry pandemic, a campaign of intrusion by Russia to reconnoiter U.S. energy-sector networks, and more.
“Make no mistake, American companies are squarely in the cross-hairs of well-financed nation-state actors, who are routinely breaching private sector networks, stealing proprietary data, and compromising supply chains,” said NCSC Director William Evanina.
“The attacks are persistent, aggressive, and cost our nation jobs, economic advantage, and hundreds of billions of dollars,” Evanina said. “To enhance private sector awareness, we’re arming U.S. companies with information they need to better understand and defend against these threats.”
The NCSC is distributing materials crafted to raise awareness among private sector organizations, including best practices for protecting data, technologies and networks. The NCSC also distributed the materials to the federal sector. The package, dubbed “Know the Risk, Raise Your Shield,” contains visual and written materials on supply chain attacks, economic espionage, social engineering, social media deception, spear-phishing, mobile device safety, and foreign travel risks.
For each type of threat, the consortium offers tips for keeping attackers at bay.
The NCSC also advertises its "2018 Foreign Economic Espionage in Cyberspace" report, which provides unclassified information on foreign intelligence efforts to steal U.S. intellectual property, trade secrets, and proprietary data via cyberspace. The report identifies the most pervasive nation-state threat actors, the industrial sectors of greatest interest to foreign threat actors, and several emerging threats that warrant attention, such as software supply chain infiltration, foreign laws, and technology firms that have ties to foreign governments.