Security

Intelligence officials see cyberattacks as a top US threat

Cyberattacks are near the top of the list of most serious threats facing the U.S., with the rivaling concerns about terrorism and North Korea, intelligence officials with President Barack Obama’s administration said.

James Clapper, the Obama administration’s national security director, and Robert Mueller, director of the U.S. Federal Bureau of Investigation (FBI), were among the officials that pointed to cyberattacks as top threats during a hearing Tuesday before the Senate Intelligence Committee.

Clapper, a retired Air Force general, said he has not seen a “more diverse array of threats and challenges” for U.S. national security during his time in the defense and intelligence communities. Clapper led off with cyberattacks in his Senate testimony about security threats facing the U.S.

“I cannot overemphasize its significance,” Clapper said. “Increasingly, state and non-state actors are gaining and using cyberexpertise. These capabilities put all sectors of our country at risk, from government and private networks to critical infrastructures.”

Intelligence agencies see interest from terrorist organizations in acquiring offensive cybercapabilities, he added. Cybercriminals are using black markets to sell hacking tools to a number of organizations, he said.

Asked what threats worry him the most, Mueller identified cyberattacks. The FBI investigates cyberattacks related to criminal and to terrorist activity, he said. Terrorist groups continue to use the Internet to recruit followers, he added.

Committee members also raised concerns about cyberattacks. Senator Dan Coats, an Indiana Republican, called on Congress to pass a bill that would encourage information-sharing about cyberthreats among private businesses and between businesses and government agencies. A recent executive order signed by Obama enables more information-sharing from the government to businesses, but businesses need protection from lawsuits before they will be comfortable sharing their information, Coats said.

“This is a serious threat, and we need to get on it,” Coats said.

Senator Dianne Feinstein, a California Democrat and committee chairwoman, said she plans to introduce an information-sharing bill soon. Two members of the House of Representatives introduced the controversial information-sharing bill, the Cyber Intelligence Sharing and Protection Act (CISPA), in February.

Even as the threat of physical terrorism against the U.S. is diminishing, the threat of cyberattacks and cyber-espionage is growing, Feinstein said. Recent reports suggest “massive cyberpenetrations” into U.S. companies, she said.

During the hearing, Clapper raised concerns about budget cuts forced under the congressional process called sequestration. Intelligence agencies will be forced to cut each program by 7 percent during this current fiscal year, and those cuts will hamper the agencies’ ability to acquire the technology needed to fight cyberattacks, he said. The cuts will also hurt national security in several other ways, he said.

Also during the hearing, Senator Ron Wyden, an Oregon Democrat, questioned Clapper and Mueller about intelligence agencies’ surveillance of U.S. citizens inside the U.S. Pressed by Wyden, Clapper said the U.S National Security Agency and Central Intelligence Agency do not “wittingly” conduct surveillance on U.S. citizens inside the country.

Wyden asked Mueller if the FBI needs a court-ordered warrant, requiring law enforcement to show probable cause of a crime, or uses a less strict standard to conduct surveillance on U.S. residents. With some disagreements in U.S. courts about the appropriate standard, it depends on the circumstance, Mueller said.

The FBI will “see where the courts go,” Mueller said.

“You have identified the exact reason why I am trying to get the answer,” Wyden said. “There’s no doubt we are going to watch what the courts do in the days ahead. The question is, what would be the rights of Americans while that is still being fleshed out?”

Subscribe to the Security Watch Newsletter

Comments