March 13, 2013 — -- America's biggest national security threat could come not from bullets or bombs in a terrorist attack, but from a computer keyboard.
That's the assessment of a cadre of the nation's top intelligence officials, who told Congress Tuesday that cyber attacks lead the numerous national security threats the United States faces.
It is the first time since the Sept. 11, 2001 terrorist attacks that anything other than the an extremist threat has been the top concern in the Intelligence Community Worldwide Threat Assessment, which is presented annually to the Senate Select Committee on Intelligence.
James Clapper, Director of National Intelligence, told the panel Tuesday that cyber and financial threats were being added "to the list of weapons being used against us" and which help define a new "soft" kind of war.
"When it comes to the distinct threat areas, our statement this year leads with cyber and it's hard to overemphasize its significance" said Clapper.
According to Clapper, state and non-state actors are increasingly gaining "cyber expertise" which they use "to achieve strategic objectives by gathering sensitive information from public- and private-sector entities, controlling the content and flow of information, and challenging perceived adversaries in cyberspace."
Clapper said those cyber capabilities "put all sectors of our country at risk, from government and private networks to critical infrastructures."
He warned that the intelligence community is seeing indications that some terror groups are interested "in developing offensive cyber capabilities and that cybercriminals are using a growing black market to sell cyber tools that fall into the hands of both state and non-state actors."
He also warned that the budget cuts and civilian furloughs being imposed by sequestration will have an impact on the intelligence community's efforts to counter a cyber threat.
"Critical analysis and tools will be cut back, so we'll reduce global coverage and may risk missing the early signs of a threat," he said.
When Sen. Angus King (I-Maine) asked if cyber threats were accelerating, newly-minted CIA Director John Brennan gave an unequivocal "Absolutely."
Brennan explained that "the seriousness and the diversity of the threats that this country faces in the cyber domain are increasing on a daily basis".
Despite the widespread recognition of the threat, Brennan said the U.S. still has a lot of work to do to prepare itself for the future of cyber warfare -- "to address the vulnerabilities that we have and take the steps that we need to in order to protect our infrastructure, our networks from these types of cyber attacks."
FBI Director Robert Mueller also told the panel that the cyber threat is one that keeps him awake at night. What is happening in the cyber arena, he said, "cuts across any of our disciplines, whether it be counterintelligence or counterterrorism as well as criminal."
Mueller described the convergence of "the various objectives, goals and discrete individuals utilizing the cyber arena, whether it be for criminal purposes or for terrorist purposes, has grown to be right up there with [al Qaeda affiliate] AQAP, homegrown terrorists and cyber attackers."
Gen. Keith Alexander, who heads the military's U.S. Cyber Command, later told the Senate Armed Services Committee that the Pentagon is establishing 13 cyber teams capable of conducting offensive operations to combat a cyber attack on America's infrastructure – the first clear statement from a government official indicating that the U.S. deploys cyber weapons.
On Monday National Security Advisor Tom Donilon told the Asia Society that cyber security was being moved to the "to the forefront of our agenda" and directed his ire at China.
"I am not talking about ordinary cybercrime or hacking," said Donilon. "And, this is not solely a national security concern or a concern of the U.S. government."
"Increasingly, U.S. businesses are speaking out about their serious concerns about sophisticated, targeted theft of confidential business information and proprietary technologies through cyber intrusions emanating from China on an unprecedented scale," he said.
Donilon called for China's government "should take serious steps to investigate and put a stop to these activities" which he said pose a risk to U.S.-China relations and international trade.
A recent report by the cyber security firm Mandiant traced a host cyber attacks on American companies to a group linked to China's People's Liberation Army.