U.S. companies hit by recent attacks included Hewlett Packard Enterprise Co and International Business Machines Corp.
The National Counter-Intelligence and Security Center, which coordinates counter-intelligence efforts within the U.S. government, launched the outreach campaign to address persistent concerns that many companies are not doing enough to guard against cyber theft.
The Center is worried about cyber attacks on U.S. government agencies and the private sector from China, Russia, North Korea and Iran.
Top corporate executives and directors should “know the intent of our adversaries and what they are trying to do economically to gain the upper hand,” William Evanina, a veteran FBI agent who oversees the center, said in an interview. “We are not saying don’t invest in China or with China, but know the risk.”
The drive targets trade associations across the United States and their members. Videos, brochures and online informational materials describe the threat posed by cyber espionage and other methods used by foreign intelligence services.
One brochure details methods hackers use to break into computer networks and how they create fake social media accounts to deceive people into revealing work or personal details. It outlines ways to protect information, such as researching apps before downloading them and updating anti-virus software.
Evanina said the new campaign also focuses on what he called Moscow’s “aggressive, persistent attacks” on computer networks of critical U.S. infrastructure, which includes power grids and communications, financial and transportation systems.
China and Russia have repeatedly denied conducting such attacks.
The most serious threats now facing companies, Evanina said, are efforts to plant malicious software in components purchased from suppliers or to substitute counterfeit parts for genuine products.
Companies need to take greater care to counter those efforts and in vetting new hires because of the growing danger of employing people acting for foreign powers, he said.