Threats from cyber-espionage, computer crime, and attacks on critical infrastructure will surpass terrorism as the number one threat facing the United States, FBI Director Robert Mueller testified today.
Mueller and National Intelligence Director James Clapper, addressing the annual Worldwide Threat hearing before the Senate Select Committee on Intelligence, cited their concerns about cyber-security and noted that China and Russia run robust intrusion operations against key U.S. industries and the government.
“I do not think today it is necessarily [the] number one threat, but it will be tomorrow,” Mueller said. “Counterterrorism — stopping terrorist attacks — with the FBI is the present number one priority. But down the road, the cyberthreat, which cuts across all [FBI] programs, will be the number one threat to the country.”
A report released in November by the National Counterintelligence Executive singled out Russia and China for their aggressive efforts to steal American intellectual property, trade secrets and national security information.
“The cyberthreat is one of the most challenging ones we face,” Clapper said. “Among state actors, we’re particularly concerned about entities within China and Russia conducting intrusions into U.S. computer networks and stealing U.S. data. And the growing role that nonstate actors are playing in cyberspace is a great example of the easy access to potentially disruptive and even lethal technology and know-how by such groups.”
“We foresee a cyber-environment in which emerging technologies are developed and implemented before security responses can be put in place,” Clapper said. U.S. officials estimate that there are 60,000 new malicious computer programs identified each day.
Last week the computer security firm Symantec released a report on a Trojan horse program dubbed “Sykipot,” which researchers say was traced to computer servers in China and was allegedly targeting firms in the defense industry.
“The Sykipot attackers have a long running history of attacks against multiple industries. Based on these insights, the attackers are familiar with the Chinese language and are using computer resources in China. They are clearly a group of attackers who are constantly modifying their creation to utilize new vulnerabilities and to evade security products and we expect that they will continue their attacks in the future,” Symantec noted in a blog posting.
In the past several years there has been a growing list of complex computer breaches that highlight the wide array of threats the officials were testifying about:
• The high-profile intrusions of Google’s Gmail by China in 2009 also targeted as many as 30 other high-tech companies including Yahoo, Adobe, Rackspace and Northrop Grumman. U.S. officials believe China was attempting to gain access to these firms’ networks to obtain intellectual property and source code information.
• China is also believed to be behind hacking into computer systems run by NASDAQ-OMX, the parent company of the NASDAQ stock exchange, and an intrusion last year into computers at the International Monetary Fund.
• Last year RSA, the security division of the EMC Corp., suffered a breach of the firm’s intellectual property, SecureID, which provides encrypted authentication services to defense contractors and the U.S. government, including the FBI. U.S. officials say Chinese entities compromised the RSA SecureID system to try to break into computers used by defense contractor Lockheed Martin.
• In 2007, Russia waged cyber-attacks against computer systems in Estonia and U.S. official have also cited Russia using cyber-capabilities in the conflict between Russia and Georgia in 2008.
• Non-state entities such as the computer “hacktivist” group Anonymous have wreaked havoc recently with distributed denial of service attacks against the websites of the Justice Department, Universal Music, the Motion Picture Association of America, the Recording Industry Association of America and the FBI. Anonymous also has conducted sophisticated intrusions, breaching the computer systems of government contractor HB Gary, a cyber-security firm, in early 2011 when they downloaded more than 50,000 emails from the firm and posted private information about the CEO on his own Twitter account.
In the next month, Congress is expected to take up debate about pending cyber-security legislation that could possibly give the Department of Homeland Security new authorities to protect critical computer networks. Senators today on the Hill questioned the panel about why they have not done more to move forward on the issue.
“I can tell you that we are exceptionally concerned about that threat,” Mueller said, citing the establishment of the National Cyber Investigative Joint Task Force that brings together the 18 intelligence agencies to work on various cyber threats.
“In the same way we changed to address terrorism, we have to change to address cybercrime.” Mueller said. “And so we have to build up the collective addressing of that threat in the same way that we did so and broke down the walls in the wake of September 11th .”