On October 6, 2020, the Department of Homeland Security (“DHS”) released a 2020 Homeland Threat Assessment (“HTA”). According to Acting Secretary Chad F. Wolf, the “first of its kind report” identifies the primary threats facing the nation and analyzes the vast array of information coming from all DHS operational components that crosses his desk on a daily basis. “When the American people read this HTA they will be more aware of the traditional threats facing the Homeland like terrorism and organized crime. However, I think they will also realize that we face a significant threat in the Homeland from nation-states like China, Russia, and Iran.”
The genesis for the HTA is DHS’ September 2019 publication, Strategic Framework for Countering Terrorism and Targeted Violence, which called for the DHS to produce an annual report on threats facing the Homeland in order to inform the public, government and private sector. According to the HTA, cyber threats to the nation from both nation-states and non-state actors will remain “acute” and the nation’s critical infrastructure, including energy, health care and transportation sectors, should expect advanced threats of cyber-attacks. And these attacks, designed to disrupt, destroy and obtain both sensitive information and money, will be directed at the private sector as well as Federal, state, local, tribal and territorial governments. While the report identifies Russia and China as “the most capable nation-state cyber adversaries,” it also emphasizes that Iran and North Korea are a threat to U.S. critical infrastructure and systems.
Consistent with its “vital mission: to secure the nation from the many threats” it faces, the HTA’s findings address seven separate areas and draw the following conclusions:
- Cyber Threats: Threats against the U.S. from both nation-states and non-state actors will not only remain “acute” but will likely grow;
- Foreign Influence: The COVID-19 pandemic is fostering additional opportunities for the nation’s competitors to exploit the American people;
- Economic Security: Nation-state actors such as China, Russia, and Iran may use cyber capabilities “to compromise or disrupt critical infrastructure,” including that used in the 2020 elections, and may also attempt to influence the citizens’ political preferences. It also addresses foreign investment in the U.S., threats to the integrity of the supply chain, particularly in relationship to COVID-19, and the exploitation of U.S. academic and research institutions;
- Terrorism: The report addresses both domestic and foreign terrorism and identifies individual and small group actors, driven by ideological convictions as posing the greatest terrorist threat to the DHS, with the primary threat coming from domestic violent extremists;
- Transnational Criminal Organizations: These organizations represent a continued “acute and devastating threat” aimed at undermining public health and safety, though illicit drugs, human smuggling and the exploitation of others for profit, with Mexico-based cartels posing a significant threat to U.S. national security;
- Illegal Immigration: Whether by land, sea or as a result of human trafficking, illegal immigration remains a threat. The extended persistence of the COVID-19 pandemic will shape migration in the United States, Central and South America, and the Caribbean will exacerbate economic and political conditions in the Southwest Border. Once COVID-19-related travel restrictions ease, however, DHS expects that migration will resume to pre-pandemic levels; and
- Natural Disasters: Hurricanes and wild fires will remain a threat to the life and safety of Americans and a threat to the national economy.
The HTA both identifies the threats facing the nations and explains how DHS will deploy its “tools and expertise” to combat those threats. Without a doubt, the COVID-19 pandemic is only exacerbating existing concerns about and opportunities for threats, both physical and cyber, against the U.S. and its citizens. While it is clear from the HTA that foreign terrorist attacks continue to remain a core priority of DHS’s counterterrorism efforts, it is equally clear that the HTA recognizes and is preparing to thwart the growing threats from domestic terrorism.
While threats to the bulk power system are not singled out in the HTA, DHS’ previous warnings of increased cyberattacks against the energy sector are discussed here. The very real nature of the potential for cyberattacks in the energy sector was again highlighted when, on October 21, the U.S. Justice Department unsealed an indictment against six Russian intelligence officers alleged to have masterminded a series of notoriously destructive cyberattacks between late 2015 and late 2019. Among those indicted were two officers allegedly responsible for using malware to successfully compromise three Ukrainian power distribution companies in late 2015. The attack caused a wide-spread blackout that left more than 250,000 Ukrainians without power in December 2015. This event is widely considered the first successful cyberattack on a power grid and serves as a tangible reminder of the energy sector’s vulnerability to cyber interference.