White House official: Cyberthreats continue to multiply
- By Sean D. Carberry
- Oct 06, 2016
A senior White House official said cyberthreats are figuring more prominently in President Barack Obama's daily briefing on intelligence and national security concerns.
"What I have found in the three-and-a-half years I have been in this position is that cyberthreats have consumed a greater and greater portion of the piece of the briefing that I do," said Lisa Monaco, assistant to the president for homeland security and counterterrorism.
Speaking at the Washington Post Cybersecurity Summit, Monaco said that almost on a daily basis now, she has to brief the president on some variety of cyberthreat.
"I've been struck by the breadth of the threats that we're facing, certainly against the U.S. government, against the private sector," she said.
Monaco added that cyberthreats are coming from an increasing range of actors --countries such as Russia, China, Iran and North Korea; criminal entities; and individual hackers.
"The other thing that is featured prominently in [the president's] briefing and in cyberthreats in general has been the range of tactics that we're seeing," she said. "Added to issues like denial-of-service attacks has been the increasing willingness of aggressive actors to use destructive attacks in the cyber realm."
In addition, the threat of data manipulation is growing. Monaco said the integrity of data is a near-, mid- and long-term concern.
In that regard, she acknowledged the recent probing of state election systems but echoed the argument of FBI Director James Comey and others that U.S. election systems are resilient and often not connected to any network, thereby protecting them from being hackers.
Intelligence officials and industry experts have attributed those probes and the hacks of Democratic National Committee servers to actors backed by the Russian government. Members of Congress have accused the Obama administration of failing to take public and assertive action against Russia, which they said is emboldened by the lack of retaliation and a clear policy of cyber deterrence.
"I disagree with the critics that we don't have a strategy or a deterrence policy," Monaco said.
She argued that Obama has worked to create an international set of norms for cyber behavior -- for example, by establishing that countries will not launch cyberattacks on one another's critical infrastructure and will not conduct cyber espionage for economic purposes.
"When countries violate those norms, there's an isolation of that country, there's an agreement that you can impose sanctions," Monaco said. "Maybe there is a consideration that there's an act of aggression if those norms are violated, so there's a framework there."
She added that the administration continues to build a response framework based on the broad question of what is in America's national security interest.
"We will respond in a time and place and manner of our choosing, and when we do so, we will consider a full range of tools -- economic, diplomatic, criminal law enforcement, military -- and some of those responses may be public and some of them may not be," she said.
The same guiding philosophy is used to respond to terrorism or any military or intelligence actions against U.S. interests, she added.
Furthermore, any public declarations or actions must not reveal the sources and methods the U.S. used to gather intelligence and attribute an attack to a particular actor, Monaco said.
She cited the U.S. decision to confront China over its cyber espionage as an example of how publicly attributing malicious cyber activity can have a deterrent effect.
"We've seen a diminishment in that behavior [by China]," Monaco said. "However, I think this is something we have to be continually vigilant on and be very clear, as we have been with the Chinese, that we expect adherence to this commitment," she added in reference to the agreement reached between China and the U.S. to fight economic cyber espionage.
In addition, the U.S. continues to face the threat of the "malicious insider," she said, and she cited the Justice Department's arrest of a Booz Allen Hamilton contractor who is alleged to have stolen National Security Agency software used to hack foreign adversaries.
"What this case and others have pointed out is we can't completely guarantee that we can eliminate the threat of a determined insider who is determined to steal information," Monaco said.
Sean Carberry is a former FCW staff writer who focused on defense, cybersecurity and intelligence.