How China, Iran, and Russia Have, Are, and Will Attack the US

Jeffrey Crump
9 min read · Sep 15, 2020

With the looming US elections, fears of cyberattacks by nation-state threats have reached a pace paralleled only by the early spread of COVID-19. But are these fears manufactured to fuel a political agenda, or is there actual evidence to support the claims? Let’s take a look at the information one research think tank has to substantiate cries that China, Iran, and Russia are the most concerning malicious actors, and that it’s not that they are coming: they’re already here, in our systems, and they’ve been here a while.

Before jumping in, credit must be given to the federally funded, non-profit MITRE Corporation and their cybersecurity unit, which has produced the ATT&CK™ framework. The publicly accessible online version of the framework is a treasure trove of information on the tactics and techniques used by particularly nasty groups of hackers called advanced persistent threats, commonly referred to as APTs.

An APT is typically a nation state or state-funded entity whose interests lie in gaining unauthorized access to an adversary’s most sensitive information systems and intellectual property. It’s a whole lot easier to build a stealth fighter (the F-35 Lightning II has more than 300,000 parts) when you have the instructions, and if you’ve ever found yourself in the middle of building pretty much anything from IKEA, you know you’d beg, borrow, or steal for a shortcut.

The level of detail in ATT&CK is exactly what organizations on the digital front lines need in order to…
