Page:Foreign Economic Espionage in Cyberspace.pdf/12

  {{border|

Recent Unsealed U.S. Indictment with a Link to Russia
In March 2017, the United States Department of Justice indicted two FSB officials and their Russian cybercriminal conspirators on computer hacking and conspiracy charges related to the collection of emails of U.S. and European employees of transportation and financial services firms. The charges included conspiring to engage in economic espionage and theft of trade secrets. }}

We believe that Russia will continue to conduct aggressive cyber operations during the next year against the United States and its allies as part of a global intelligence collection program focused on furthering its security interests. Although cyber operations are just one element of Russia's multipronged approach to information collection, they give Russia's intelligence services a more agile and cost-efficient tool to accomplish Moscow's objectives. Indeed, Russian cyber actors are continuing to develop their cyber tradecraft—such as using open-source hacking tools that minimize forensic connections to Russia.



Iran: An Increasing Cyber Threat
Iranian cyber activities are often focused on Middle Eastern adversaries, such as Saudi Arabia and Israel; however, in 2017 Iran also targeted U.S. networks. A subset of this Iranian cyber activity aggressively targeted U.S. technologies with high value to the Iranian government. The loss of sensitive information and technologies not only presents a significant threat to U.S. national security. It also enables Tehran to develop advanced technologies to boost domestic economic growth, modernize its military forces, and increase its foreign sales. Examples of recent Iranian cyber activities include the following:


 * The Iranian hacker group Rocket Kitten consistently targets U.S. defense firms, likely enabling Tehran to improve its already robust missile and space programs with proprietary and sensitive U.S. military technology.
 * Iranian hackers target U.S. aerospace and civil aviation firms by using various website exploitation, spearphishing, credential harvesting, and social engineering techniques.
 * The OilRig hacker group, which historically focuses on Saudi Arabia, has increased its targeting of U.S. financial institutions and information technology companies.
 * The Iranian hacker group APT33 has targeted energy sector companies as part of Iran’s national priorities for improving its petrochemical production and technology.
 * Iranian hackers have targeted U.S. academic institutions, stealing valuable intellectual property and data.

 9