As members of the intelligence, military, and homeland security communities evaluate the emerging cyber threats emanating from hostile nation states, they must consider important distinctions in the capabilities and attack patterns of adversaries like China and Iran, cybersecurity experts told a House subcommittee on Wednesday.
Testifying before the House Committee on Homeland Security's cybersecurity subcommittee, witnesses drew a sharp distinction between the threats from comparatively mature actors like China and Russia, with which the United States has longstanding—if strained—diplomatic and economic ties, and nations like Iran and North Korea.
[Related: Did China's Army Hack U.S. Companies?]
The cyber threats from China and Russia are typically motivated by economic interests, according to the witnesses, who describe a pattern of intrusions in service of industrial espionage or gaining access to intellectual property. While of grave concern for U.S. businesses and the government, those activities are carried out with a far different intent than state-sponsored attacks seeking to disable critical infrastructure the witnesses warn could come from Iran—either directly or through a proxy.
Cyber threats from Iran more hostile
"Iran is a qualitatively different cyber actor," says Ilan Berman, vice president at the American Foreign Policy Council. "China and Russia are both focused primarily on cyber theft and cyber espionage. Iran is not. Iran boasts today little by way of cyber-espionage capability.
Rather, what Iran is building is a cyber capability that is retaliatory in nature, and it's built largely around Iranian perceptions of the unfolding conflict that is now ongoing between itself and the West over its acquisition of a nuclear capability."
As a result, Berman explains, the situation with Iran and its cyber posture is "particularly volatile" compared with relations between the United States and Russia and China.
"While these other countries are pursuing a degree of diplomatic normalcy with the United States, Iran is not," Berman says.
Wednesday's hearing comes amid renewed efforts by lawmakers in both houses of Congress and both parties to draft cybersecurity legislation to improve the defenses of the public and private sectors without imposing burdensome compliance mandates on businesses or weakening personal privacy protections.
Rep. Patrick Meehan (R-Penn.), chairman of the cybersecurity subcommittee, said that he hopes to advance a cybersecurity bill this congress, and Michael McCaul (R-Texas), chairman of the full Homeland Security Committee, said he is eager to work toward a markup once legislation is drafted.
In considering attacks emanating from foreign actors, where attribution and the involvement of a foreign government are often murky at best, the hearing focused on one of the more challenging aspects of the cybersecurity debate.
Next: Government officials discuss threat