Cyber threat grows exponentially, says outgoing official

The cyber threat -- the number of attacks, the number of hackers and actors, the variety of attacks -- has evolved and grown exponentially says a key White House counterterrorism and cybersecurity advisor.

Lisa Monaco, the assistant to the president for homeland security and counterterrorism since 2013, told an audience at a Jan. 10 Council on Foreign Relations event in New York that the growth of the internet of things will only increase the attack surface for the expanding number of malicious cyber actors around the world.

"The tactics and the techniques and the procedures are getting more varied," she said. "From intrusions, to asymmetric information operations, to destructive attacks, to [one] that frankly concerns me greatly, which is the ability to manipulate data such that we question its integrity going forward."

Monaco said that the Obama administration made "great strides" on cyber with the creation of the Cyber Threat Intelligence Integration Center under the Office of the Director of National Intelligence and with Presidential Policy Directive 41 that outlines roles and responsibilities in response to a significant cyber incident.

"I hope [the next administration continues] those very clear lines and they build on that," she said.

Monaco outlined a number of other cyber challenges and priorities for the incoming administration.

She said that the asymmetric tools Russia employed during the election -- hacking, cyber intrusions, information operations -- "those things I think are tactics and techniques that we are going to have to come to grips with increasingly."

Not only will the government have to come to grips with those attacks, but it will have to get faster, she said. While she defended the administration's response to Russia's campaign to interfere in the presidential election, she said the government must become more nimble in answering cyber attacks.

Two particular challenges, she said, are coming up with some form of cyber deterrence and moving the private sector to play a larger role in cyber defense.

Regarding deterrence, Monaco said it is impossible to measure an adversary's "stockpile" of weapons the way the U.S. and the Soviet Union did during the Cold War, and therefore the most feasible approach in the short run is to build international norms of cyber behavior.

That "doesn't mean everyone is going to adhere to them, because that's true in the physical world as in the cyber realm, but it does allow nation states to isolate other nation states who violate those norms," she said.

Those norms include banning attacks on critical infrastructure like electric grids or prohibiting cyber IP theft.  Monaco said the new administration must press ahead with strengthening international cyber norms.

The tougher challenge is organizing the private sector around cybersecurity. Monaco said that when it comes to terrorism, government intelligence agencies collect the majority of information about threats.

"That is not the case when it comes to cyber," she said. "The vast majority of infrastructure is owned and operated by the private sector, and they're often going to be most knowledgeable about the intrusions on their own systems."

That's why she said pushing the private sector to share cyber threat information with the government is critical.

"To be able to and be willing to share information with the government so that we can in turn enrich that information, share it back with the private sector to help [it] raise its defenses, … helps us all raise our defenses," she said.