U.S. intelligence director says online threats growing as more nations dedicate resources to cyber warfare

Director of National Security James Clapper told a House panel Sept. 10 that cyber threats to U.S. military, civilian, corporate and financial infrastructure are growing exponentially, as well as becoming much more sophisticated.

In testimony^[PDF] before the House Permanent Select Committee on Intelligence, Clapper said threats from cyberattacks and hacking to U.S. national and economic security “are increasing in frequency, scale, sophistication and severity of impact.”

“Overall, the unclassified information and communication technology (ICT) networks that support US Government, military, commercial, and social activities remain vulnerable to espionage and/or disruption,” Clapper said.

While the threat of “Cyber Armageddon” remains small at the present time, the DNI nevertheless said the intelligence community foresees “an ongoing series of low-to-moderate level cyber attacks from a variety of sources over time,” which he says will cost the U.S. in terms of “economic competitiveness and national security.”

Clapper further noted that several nations, including North Korea and Iran, have launched cyber offensives against private sector targets in support of their economic or foreign policy objectives, and at times to coincide with political crises at home.

And though network defenses are always improving, Clapper said “diverse possibilities” that can stem from “remote hacking intrusion, supply chain operations to insert compromised hardware or software, actions by malicious insiders, and mistakes by system users” mean nearly all networks will remain at risk of penetration for the foreseeable future.

“In short, the cyber threat cannot be eliminated; rather, cyber risk must be managed.” Clapper told the House panel. “Moreover, the risk calculus some private sector entities employ does not adequately account for foreign cyber threats or the systemic interdependencies between different critical infrastructure sectors.”

The director went on to list several recent high- and low-profile cyber attacks:

— Earlier this year, the Office of Personnel Management (OPM) found that a number of its systems were compromised. “These systems included those that contain information related to the background investigations of current, former, and prospective federal government employees, as well as other individuals for whom a federal background investigation was conducted. OPM announced the compromise resulted in 21.5 million personal records being stolen,” he said.

— JPMorgan Chase officials announced that they would be boosting spending on cybersecurity after a 2012–13 DDOS – distributed denial of service – attack on the U.S. financial sector, vowing to spend $250 million annually to improve defenses. “After the company suffered a hacking intrusion in 2014, JPMorgan’s CEO said he would probably double JPMorgan’s annual computer security budget within the next five years,” Clapper testified.

— A data breach occurred at Home Depot in 2014, in which 56 million credit/debit cards and 53 million customer emails were stolen. The home improvement company estimated that the hack cost around $62 million.

— U.S. firm Community Health Systems reported to the Securities and Exchange Commission in August 2014 that it believed hackers “originating from China” had stolen personally identifiable information on about 4.5 million people.

For more breaking news on America’s cybersecurity efforts, check out CyberWar.news, powered by FETCH.news.

Clapper also noted that advances in technology have made it more difficult for hackers to operate undetected and to shield their identities.

“Although cyber operators can infiltrate or disrupt targeted ICT networks, most can no longer assume that their activities will remain undetected indefinitely,” he testified. “Nor can they assume that if detected, they will be able to conceal their identities. Governmental and private sector security professionals have made significant advances in detecting and attributing cyber intrusions.”

The DNI added that politically motivated hacking appeared to be on the rise, with state-sponsored and non-state actors making increased attempts to access U.S. infrastructure, perhaps with a end goal of disrupting some services.

Also, he said cyber probing and attempts to hack U.S. government, military and private sector systems occur “on a daily basis.”

Often, he said, it was difficult to figure out whether the hack was coming from an individual or a state-sponsored actor.

“Distinguishing between state and non-state actors within the same country is often difficult—especially when those varied actors actively collaborate, tacitly cooperate, condone criminal activity that only harms foreign victims, or utilize similar cyber tools,” he said.

Concluding, Clapper noted that President Obama had directed him to establish a new cybersecurity center.

“Ensuring the integration of such activities in support of our policy makers and national security is a core mission for the Office of the Director of National Intelligence, and was one reason the President directed me to form a Cyber Threat Intelligence Integration Center (CTIIC),” he said. “I look forward to working with this Committee to enable the Intelligence Community in general and CTIIC in particular to support our nation in this vital area.”