Intelligence director urges Congress to act on cyber threat

The impending cyber threat requires the immediate attention of Congress, according to a top intelligence official who singled out China, Russia and a failure of policy keeping up with the speed of technology as top threats to the nation’s critical networks.

“Cyber threats pose a critical national and economic security concern due to the continued advances in—and growing dependency on—the information technology that underpins nearly all aspects of modern society,” Director of National Intelligence James Clapper said in a Feb. 2 testimony submitted to the House Permanent Select Committee on Intelligence. “Our technical advancements in detection and attribution shed light on malicious activity, but cyber intruders continue to explore new means to circumvent defensive measures.”

He said the danger is multi-fold owing to the fact that threats evolve quickly, range in scope and breadth and come from both state and non-state actors.

Clapper used a number of current-events examples to illustrate a cyber threat rapidly evolving and gaining velocity globally, including Chinese and Russian theft of intellectual property, attack campaigns led by hacker groups like Anonymous and Lulzsec, intrusions of networks of high-profile organizations like NASDAQ and the International Monetary Fund and the irrepressible surge of social media use that catalyzed the Arab Spring movement.

Earlier in the week, the director also highlighted a triumvirate of geopolitical cyber adversaries in Russia, China and Iran.

“Russia and China are aggressive and successful purveyors of economic espionage against the United States. Iran’s intelligence operations against the United States, including cyber capabilities, have dramatically increased in recent years in depth and complexity,” Clapper said in a Jan. 31 statement to the Senate Select Committee on Intelligence. “We assess that [Foreign Intelligence Services] from these three countries will remain the top threats to the United States in the coming years.”

He also noted the danger of insider threats as one of many primary concerns about the security of U.S. networks.

“We currently face a cyber environment where emerging technologies are developed and implemented faster than governments can keep pace,” Clapper said. Those events “underscore the vulnerability of key sectors of the US and global economy.”

Clapper was joined on Capitol Hill by CIA Director David Petraeus and FBI Director Robert Mueller, who told the Senate cyber attacks could surpass terrorism as the nation’s top threat.

Members of Congress seemed to agree with the gravity of the cyber threat Clapper and Mueller described, although it wasn’t clear what will be done or when.

“Today’s cyber criminals have the ability to interrupt life-sustaining services, cause catastrophic economic damage, or severely degrade the networks our defense and intelligence agencies rely on. Congress needs to act on comprehensive cybersecurity legislation immediately,” Sen. Jay Rockefeller (D-W.V.) said.

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.

Featured

  • FCW @ 30 GPS

    FCW @ 30

    Since 1996, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

  • Shutterstock image.

    A 'minibus' appropriations package could be in the cards

    A short-term funding bill is expected by Sept. 30 to keep the federal government operating through early December, but after that the options get more complicated.

  • Defense Secretary Ash Carter speaks at the TechCrunch Disrupt conference in San Francisco

    DOD launches new tech hub in Austin

    The DOD is opening a new Defense Innovation Unit Experimental office in Austin, Texas, while Congress debates legislation that could defund DIUx.

  • Shutterstock image.

    Merged IT modernization bill punts on funding

    A House panel approved a new IT modernization bill that appears poised to pass, but key funding questions are left for appropriators.

  • General Frost

    Army wants cyber capability everywhere

    The Army's cyber director said cyber, electronic warfare and information operations must be integrated into warfighters' doctrine and training.

  • Rising Star 2013

    Meet the 2016 Rising Stars

    FCW honors 30 early-career leaders in federal IT.

Reader comments

Thu, Feb 16, 2012

"I would like to know why Al Gore didnt consider security when he invented the internet." u gotta be kiddin me!

Fri, Feb 10, 2012

Robert Mueller told Congress, "cyber attacks could surpass terrorism as the nation’s top threat." Here I was thinking a cyber attack was an act of terrorism...silly me.

Tue, Feb 7, 2012 Robert MD

We are using civilian grade systems to defend against military grade threats. IT systems original creators simply didn't forcee today's chaos. Perhaps we need to create a Manhatten project and create a better mousetrap? Ultimately this all boils down to simply protecting data from people that want to steal it and maintaining systems integrity. If he had higher standards for system integrity maybe we would give up a little privacy and let unclesam inspect our evil email content. I predicted years ago the human attackers would become more aggressive at physical attacks. Whenever we make on avenue hard the bad guy will just try another route. Spies already work on our networks but that's the price of a free society.

Tue, Feb 7, 2012 Joe Cooper Chantilly, VA

I would like to know why Al Gore didnt consider security when he invented the internet. Had we built in the capability to trace hackers and intruders, we could have pulled the plug on them as soon as we saw them abusing the net. Too late now, but this issue dwarfs global. Where were his priorities?

Mon, Feb 6, 2012 earth

Oh Dear God! Do we really want political bodies like congress or the “security services” to come up with legislation on matters as important to the health and welfare of this nation as communication services? I suggest congress adjure this responsibility to an “industry standards” group like the NFPA that comes up with the National Electrical Code. Communications and its infrastructure should be seen as a “utility” the same as transportation, electrical service, black and potable water. This body can also develop standards for such things as encryption of data at rest but there might also need to be a separate body for “information” separate from “communication”. What we have now is a hodge podge of rules created as a reactionary response instead of a studied, integrated standards setting effort that balances safety with utility. This might mean that programmers need a “contractor’s license” to develop in some areas of concern and there may need to be a permitting office with the right of oversight but why not impose a system that has been shown to work.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group