U.S. authorities were sitting on a sensitive secret last fall when Canada detained a top Huawei Technologies Co. executive on alleged U.S. sanctions violations. Two months earlier, the U.S. had arrested another Chinese national on similar suspicions and was holding her at a grim jail in Washington, D.C. An employee of an unidentified Chinese technology company, she had been nabbed on vacation in California.
Businesses and government agencies in the United States have been targeted in aggressive attacks by Iranian and Chinese hackers who security experts believe have been energized by President Trump’s withdrawal from the Iran nuclear deal last year and his trade conflicts with China.
A former U.S. Air Force counterintelligence agent who defected to Iran has been charged with spying for the regime, revealing the identity of a U.S. intelligence officer and helping target her former colleagues, the Justice Department said on Wednesday.
Lawmakers fear that increased threats from foreign actors, combined with lingering effects from the government shutdown, are making the U.S. more susceptible to cyberattacks. The Department of Homeland Security (DHS) issued its first-ever emergency directive during the record-long shutdown, requiring federal agencies to secure certain systems after researchers found Iranian actors were trying to penetrate U.S. government networks.
The shock arrest of Meng Wanzhou, who is also Huawei Technologies' chief financial officer, is riling authorities in Beijing and raises fresh doubts over a 90-day truce on trade struck between Presidents Donald Trump and Xi Jinping on the day she was detained.
Energy Secretary Rick Perry on Thursday applauded Russia for its moves to boost oil production in advance of the reimposition of U.S. tariffs against Iran. Perry was in Moscow to meet with Russian Energy Minister Alexander Novak to discuss world oil markets.
"Foreign economic and industrial espionage against the United States continues to represent a significant threat to America's prosperity, security and competitive advantage," the National Counterintelligence and Security Center said. "China, Russia and Iran stand out as three of the most capable and active cyber actors tied to economic espionage and the potential theft of U.S. trade secrets and proprietary information."
While Russia may be the most aggressive, the U.S. officials said Iran is making preparations that would enable denial-of-service attacks against thousands of electric grids, water plants, and health care and technology companies in the U.S., Germany, the U.K. and other countries in Europe and the Middle East.
Within 24 hours of the announcement, researchers at security firm CrowdStrike reported a "notable" shift in Iranian cyberactivity, The New York Times reported. According to the Times, Iranian hackers sent emails containing malware to diplomats in the foreign affairs offices of U.S. allies and telecommunications companies.
The Iranian defendants are accused of working at the behest of the Iranian Revolutionary Guard Corps to steal large quantities of academic data from hundreds of universities in the United States and abroad as well as email accounts belonging to employees of government agencies and private companies.