A national intelligence strategy released Tuesday calls on U.S. spy agencies to improve their understanding of what is driving foreign adversaries’ growing cyber-capabilities.
The strategy, published by the Office of the Director of National Intelligence, pledges that intelligence agencies will “increase our awareness and understanding of adversaries’ use of cyber-operations—including leadership plans, intentions, capabilities, and operations— to inform decisions and enable action.”
The stakes are high; America’s spies must keep pace with growing list of hacking capabilities at adversaries’ disposal, according to the ODNI.
“As the cyber capabilities of our adversaries grow, they will pose increasing threats to U.S. security, including critical infrastructure, public health and safety, economic prosperity, and stability,” the document says.
There has been no shortage of recent foreign hacking threats to U.S. public and private organizations, from suspected Iranian targeting of domain name systems to alleged Chinese economic espionage. The new strategy recognizes that the ability of U.S. intelligence agencies to promptly warn others in the government about these threats is crucial.
The ODNI document lists cyberthreat intelligence among four “topical mission objectives”– alongside counterterrorism, counterintelligence and security, and counter-proliferation – for the nation’s 17 intelligence agencies and offices.
After the Russian intervention in the 2016 presidential election, the U.S. intelligence community has taken a greater role in helping other agencies – and even state and local officials – guard against foreign interference in the U.S. electoral process. However, the new public strategy does not mention election security.
Nonetheless, the strategy, which will guide intelligence agencies for the next four years, shows how agencies are continuing to adapt to the digital age.
In the last four years, the Central Intelligence Agency opened a digital directorate, while the National Security Agency revamped its bureaucracy to better coordinate offensive and defensive operations. Meanwhile, ODNI established a center for streamlining cyberthreat intelligence after North Korea’s unprecedented cyberattack on Sony Pictures Entertainment in 2014.
The 2019 intelligence strategy shows a “continued strong emphasis on collecting or studying foreign capabilities and methodologies that coincide with organizational changes in recent years at ODNI, NSA, and CIA,” said Sean Kanuck, a former national intelligence officer for cyber issues.
The goal of any intelligence product is giving U.S. decision-makers useful and actionable threat information. With that in mind, intelligence agencies plan to expand the “tailored production” and dissemination of cyberthreat intelligence to help defend critical infrastructure, according to the ODNI strategy.
Deterring the hacking operations of states likes China, Iran, North Korea, and Russia has been a longstanding, but often elusive, U.S. goal. Intelligence gathering is supposed to help with that, and the new strategy calls for progress. ODNI wants to help U.S. deterrence efforts by supporting “diplomatic, information, military, economic, financial, intelligence, and law enforcement plans and operations.”
The strategy also emphasizes artificial intelligence (AI) and other emerging technologies that intelligence agencies can leverage for collection and analysis.
While AI didn’t feature in the 2014 intelligence strategy, it has become a priority for the intelligence community, appearing in other documents like the Worldwide Threat Assessment, said Kanuck, a visiting fellow at the Hoover Institution.
AI’s inclusion in the new strategy reaffirms the importance of algorithm-fueled analytics to the intelligence mission, he told CyberScoop. And the document’s reference to machine-learning-supported forecasting suggests that the Intelligence Advanced Research Projects Activity’s investments in that field are paying dividends, Kanuck added.