U.S. senators have released a report noting the vulnerabilities of the National Counterintelligence and Security Center stemming from prevalent dysfunction, failure to adapt to cybersecurity and "whole-of-society" threats, and inadequate resources, CyberScoop reports.
Increasingly sophisticated threat intelligence tools used by China and other adversaries to target more U.S. entities should prompt the counterintelligence center to better define its mission and strategies, according to the Senate report.
"There is no consensus as to whether certain emergent threats, particularly foreign malign influence and cyber threats, fit within the definition of [counterintelligence]," said the report.
Senate Intelligence Committee Chairman Mark Warner, D-Va., noted the importance of strengthening the counterintelligence center amid an evolving threat landscape, while Committee Ranking Member Marco Rubio, R-Fla., said that counterintelligence operations have evolved not only to steal information but also to facilitate disinformation.
"New threats and new technology mean that we have to make substantial adjustments to our counterintelligence posture if we are going to protect our country's national and economic security," Warner said.
Because PIXHELL requires no specialized audio equipment, threat actors could leverage social engineering and software supply chain attacks to distribute malware that triggers the covert data exfiltration channel, creating an acoustic channel for the data.
Russian state-sponsored threat group Coldriver has been suspected by the Free Russia Foundation of being behind the intrusion, which involved the targeting of several entities to exfiltrate internal documents, grant reports, and other correspondence in retaliation against pro-democracy Russians.
Simultaneous target infiltration and reconnaissance, network compromise, and data exfiltration activities have been performed by Clusters Alpha, Bravo, and Charlie, respectively.