Introduction: NCSC’s role

For years, the United States has faced increasingly aggressive and complex threats from foreign intelligence entities (FIEs) and nation-states, as well as from a range of malign actors including non-state actors (international terrorists and transnational organized crime groups such as, for example, Lebanese Hizballah, ISIS and al-Qaeda). These non-state actors also include hacktivists and leaktivists, who typically target US federal agencies or private sectors and academic entities.

Overcoming these challenges has called on the National Counterintelligence and Security Center (NCSC) to focus on “five key areas where foreign intelligence entities are hitting us hardest and where we need to devote greater attention — critical infrastructure, key US supply chains, the US economy, American democratic institutions and cyber and technical operations,” said NCSC Director William Evanina.

NCSC’s newest strategy, signed by President Donald Trump on January 7th and unveiled to the public on February 10th, calls on a whole-of-society response that not only involves the government but fully integrates the assistance of the private sector, a well-informed public and foreign allies to work together towards more effective and comprehensive counterintelligence and security procedures. Federal agencies are aligning their plans and resources with the five objectives to strengthen national security.

About the NCSC

In 2014, the Director of National Intelligence (DNI) established the National Counterintelligence and Security Center (NCSC) to serve as the primary organization to undertake counterintelligence and security responsibilities within the Office of the Director of National Intelligence (ODNI).

NCSC’s main objective is to be the nation’s premier source for counterintelligence — to deter, disrupt and defeat foreign intelligence threats — and take a leadership role of security to protect and defend US infrastructures, facilities, classified networks, information and personnel. It also provides outreach to federal government and private sector entities and issues public warnings regarding intelligence threats to the US.

The way this mission is carried out is now changing. The current international scenario calls for a more focused approach since, as reported by NCSC, the number of actors targeting the United States is growing and using an increasingly sophisticated set of intelligence capabilities against an expanded set of targets and vulnerabilities.

“Implementing the strategy will require partnerships, information sharing, and innovation across public and private sectors,” notes the National Counterintelligence Strategy of the United States of America 2020-2022, outlining a new approach to counterintelligence to address threats that have evolved significantly since the last strategy document in 2016.

NCSC’s strategic plan at a glance for 2020 and beyond

According to Director William Evanina, the NCSC Strategic Plan is to “lead and support the counterintelligence and security activities of the US Government, the US Intelligence Community, and US private sector entities at risk of intelligence collection, penetration or attack by foreign and other adversaries.” 

Specific statutory responsibilities include producing strategic planning assessments; developing and implementing national counterintelligence strategies; overseeing and coordinating counterintelligence analysis; developing priorities for counterintelligence investigations and functions; conducting vulnerability studies; performing counterintelligence outreach activities; coordinating the development of CI budgets and resource allocation plans.

In particular, NCSC’s strategic plan focuses on five key areas: the critical infrastructure, key US supply chains, the US economy, foreign influence threats and foreign intelligence cyber and technical operations.

Protect the nation’s critical infrastructure

This is obviously a key issue for any country. The risk is that foreign intelligence entities may succeed in exploiting vulnerabilities in networks and target businesses and organizations especially in the energy sector or financial markets. As a matter of fact, in general, the increasing reliance of the utilities sector on automated and connected systems makes the entire sector an easier, high-values target: smart grids for electricity, water and gas distribution as well as critical functions of major industrial control systems are all great choices for malicious actors. 

“Foreign intelligence entities are developing the capacity to exploit, disrupt or degrade America’s critical infrastructure,” writes the National Counterintelligence Strategy of the US 2020-2022. Through these actions, attackers could potentially coerce US decision-makers, cause panic and disorder and put any countries on their knees.

NCSC’s Strategic Plan addresses the need to protect the US’s critical infrastructure by working on more comprehensive information sharing between federal agencies, local entities and private actors. The plan is also to develop and train government officers able to timely identify and counter threats specifically targeting critical infrastructures and to make better use of current analytical tools while new and more powerful ones are being developed.

Reduce threats to key US supply chains

This recognizes that foreign adversaries are attempting to access the state’s supply chains at multiple points — from concept to design, manufacture, integration, deployment and maintenance. Vulnerabilities are seen in the fact that the wider use of IoT technology as well as reliance on foreign-owned or controlled hardware, software or services can make it easier to compromise the integrity, trustworthiness and authenticity of products and services.

NCSC’s Strategic Plan includes the need to have a realistic assessment of potential foreign capability to disrupt the supply chain as well as better identification of suspect or high-risk vendors, products and software. In addition, it will include more information sharing in the form of a supply chain risk assessment shared repository and outreach to local entities in order to share threat and mitigation information to heighten awareness.

Counter the exploitation of the US economy

This key objective spurs from the need to protect the country’s competitive advantage in world markets and economic prosperity and security. As a recognized global leader in high technology research and innovation, the US is a tremendous target by state actors engaged in cyber-enabled economic espionage, theft of critical technology and intellectual property. This is already costing hundreds of billions of dollars annually and, consequently, has reduced the US economic competitive advantage globally. A particular issue is the presence of foreign intelligence entities likely embedded into US industries, labs and academic institutions.

NCSC’s Strategic Plan starts with increasing capability to detect these threats and sharing knowledge and mitigation procedures with stakeholders, like academia and critical infrastructure entities. The plan also calls for better identification of foreign investments that could lead to potential issues and pose a threat. This undertaking can protect the US economy from foreign adversaries who seek to steal technology and intellectual property that could provide them with an edge in the global marketplace.

Defend American democracy against foreign influence threats

This key issue aims to protect the State’s democratic institutions and processes while preserving a culture of openness. The problem is identified in the work of foreign intelligence attempting to influence Americans and to undermine their confidence in government and democratic institutions, create divisions and attempt to push other countries’ agenda.

The NCSC’s Strategic Plan looks at the need to work with social media and technology providers to spread awareness about potential foreign interference. This will be in addition to increasing counterintelligence capabilities and collaboration with foreign allies in sharing information and best practices to counteract foreign intelligence services that work against democracy.

Counter foreign intelligence cyber and technical operations

This matter addresses the increased capability of foreign entities to conduct cyber-espionage and technical operations harmful to US interests. The development of the Internet of Things, 5G technology, quantum computing and artificial intelligence will present new opportunities for foreign adversaries to collect intelligence on communications technologies and conduct cyber operations against US interests.

NCSC’s Strategic Plan is to create a multifaceted approach to the issue by integrating the efforts of the counterintelligence, security and cyber communities not only in the public sector but also in the private one, in order to develop countermeasures and raise knowledge of these types of threats. This will also allow the training of specialized professionals that will be able to discover in more effective and timely ways vulnerabilities and the cyber and technical threat possibilities of adversaries.

Conclusion 

The United States is confronted with an array of diverse threats and challenges from FIE activities, so NCSC’s endeavor to implement a new strategy that is better able to protect against any strategic adversaries, whether they are foreign states or terrorist and criminal networks, is essential in order to safeguard America’s systems and cyberspace. As we rely more and more on technology, we can imagine how disruptive it would be if any malicious actors would be able to tamper with systems and hold an infrastructure hostage. More advanced technology at our disposal also means, unfortunately, more sophisticated tools for malicious hackers to pursue their agenda.

To defend national interests in this increasingly digitized world, NCSC’s five priorities for 2020 will need to be undertaken not as an individual action, but as part of an effective, collaborative effort; in fact, only a community-wide action can ensure that high-priority CI and security issues and intelligence gaps are addressed in a timely manner. This obviously also means the involvement of private and public organizations, every individual and, of course, democratic allies.

NCSC’s strategic plan correctly identifies key areas where malicious cyber activity or malign actors may concentrate in order to attempt maximum disruption: critical infrastructure, supply chain activities, emerging technologies and trade secrets, are all high-value targets that, if not protected, can have serious effects on national security as well as on the daily operations of any American firms and government agencies.

This new effort finds its strength in the call for collaboration and information sharing, that is really one of the most powerful weapons against the advancing capabilities of malicious actors. The joint effort is essential to advance knowledge, find ways to innovate, as well as share and increase resources. 

 

Sources

  1. National Cyber Strategy of the United States of America, whitehouse.gov
  2. US Counterintelligence Outlines 5 Key Priorities, BankInfoSecurity
  3. Additional Questions for Mr. William R. Evanina upon his nomination to be Director of the National Counterintelligence and Security Center, US Senate Select Committee on Intelligence
  4. National Counterintelligence Strategy of the United States of America 2020-2022, ODNI
  5. National Counterintelligence and Security Center STRATEGIC PLAN | 2018–2022, ODNI
  6. Press Release: NCSC Unveils the National Counterintelligence Strategy of the U.S. 2020-2022, ODNI
  7. National Counterintelligence Plan Calls on ‘Whole-of-Society’ Approach to Tackle Emerging Threats, WashingtonExec, Inc.