Risk
2/1/2012
11:33 AM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Cyber Attacks Becoming Top Terror Threat, FBI Says

Hackers will one day outstrip terrorists as top threat to U.S., FBI director tells a Senate committee. Attacks predicted to become more complex and frequent.

Inside DHS' Classified Cyber-Coordination Headquarters
(click image for larger view)
Slideshow: Inside DHS' Classified Cyber-Coordination Headquarters
Cyber attacks against government agencies and businesses in the United States continue to rise, and cyber threats will one day surpass the danger of terrorism to the United States, intelligence community officials said in an open hearing of the Senate select intelligence community Tuesday.

"Stopping terrorists is the number one priority," said FBI director Robert Mueller. "But down the road, the cyber threat will be the number one threat to the country. I do not think today it is necessarily [the] number one threat, but it will be tomorrow."

The rare open hearing of the Senate's intelligence committee, an annual one that surveys the threats to the United States from around the globe, included testimony by Mueller, director of national intelligence James Clapper, and CIA director David Petraeus. Tuesday's hearing looked at the broad spectrum of threats to the nation, but numerous administration officials will brief Congress in a classified hearing today that will focus more pointedly on cybersecurity.

Congress' interest in cybersecurity remains high. Both the House and Senate continue to work toward comprehensive legislation on the issue. The House Committee on Homeland Security is marking up cybersecurity legislation Wednesday, and the Senate will move to consider a comprehensive cybersecurity bill later this month, though industry has raised concerns about cost over the Senate bill. The Senate homeland security and governmental affairs committee has indicated that it may hold a hearing on that bill within the next two weeks.

Clapper said that cybersecurity is already at the forefront of national security concerns, right there with terrorism, proliferation of weapons, and espionage. "In the last year, we observed increased breadth and sophistication of computer network operations by both state and non-state actors," he said in prepared testimony.

[ Read about the Obama Administration's efforts to update current cybersecurity legislation: White House Presses For New Cybersecurity Laws. ]

The greatest challenges to protecting against cyber threats, Clapper said, are the difficulty of providing timely and actionable warning of attacks--he cautioned that "many intrusions into U.S. networks are not being detected"--and the complex vulnerabilities within the IT supply chain. Attribution remains a difficult technical challenge, but the government is increasingly sharing threat information among government agencies and with the private sector. Vulnerabilities in the IT supply chain have been a concern for the Department of Defense for several years, but the issue has not been raised to the same level of public discourse as information sharing and the range of cybersecurity technologies that agencies are implementing to thwart attacks.

Clapper singled out attacks from China and Russia as the biggest threats from state actors and said that those two countries have been responsible for "extensive illicit intrusions" into U.S. networks, but also said that Iran's cyber capabilities have "increased in depth and complexity" in recent years. China and Russia have been high on cyber-watchers' lists of concerns for several years now, but Iran is a relatively new addition. Iran's military recently claimed that it brought down an American drone by hacking into its guidance systems.

The intelligence community isn't concerned only with threats from other countries, however. Clapper said that non-state actors are increasingly gaining in prominence, and in fact already have "easy access to potentially disruptive and even lethal technology." For example, he noted that hacker groups like Anonymous and LulzSec have been carrying out a consistent campaign of distributed denial of service attacks and website defacements, and that intrusions into NASDAQ and the International Monetary Fund "underscore the vulnerability of key sectors of the economy."

Targets against security technologies themselves, such as last year's attack against security company RSA, which led to several other attacks, are also of particular concern, Clapper said. He also lashed out against "wholesale plundering" of American intellectual property.

At the hearing, senators also sparred with witnesses about which agencies would take charge in the event of a major cyber-attack, and what the role of the president would be. For example, Sen. Barbara Mikulski, D-Md., raised concerns about what would happen in the event of an attack on the electrical grid of a city hosting a political convention. While representatives from the DHS and FBI both said the initial response would fall to DHS, FBI director Mueller said that the FBI or NSA would be the ones to determine attribution.

InformationWeek's 2012 Government IT Innovators program will feature the most innovative government IT organizations in the 2012 InformationWeek 500 issue and on InformationWeek.com. Does your organization have what it takes? The nomination period for 2012 Government IT Innovators closes April 27.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0761
Published: 2014-08-27
The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows remote attackers to cause a denial of service (infinite loop or process crash) via a crafted TCP packet.

CVE-2014-0762
Published: 2014-08-27
The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows physically proximate attackers to cause a denial of service (infinite loop or process crash) via crafted input over a serial line.

CVE-2014-2380
Published: 2014-08-27
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file.

CVE-2014-2381
Published: 2014-08-27
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file.

CVE-2014-3344
Published: 2014-08-27
Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) 4.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCuq31129, CSCuq3...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.