CIA Director Leon Panetta Warns of Possible Cyber-Pearl Harbor

WASHINGTON, Feb. 11, 2011 -- Top U.S. intelligence officials have raised concerns about the growing vulnerability the United States faces from cyberwarfare threats and malicious computer activity that CIA Director Leon Panetta said "represents the battleground for the future."

"The potential for the next Pearl Harbor could very well be a cyber-attack," he testified on Capitol Hill Thursday before the House Permanent Select Committee on Intelligence.

Director of National Intelligence James Clapper also appeared, telling the committee, "This threat is increasing in scope and scale, and its impact is difficult to overstate."

There are roughly 60,000 new malicious computer programs identified each day, Clapper said, citing industry estimates.

"Some of these are what we define as advanced, persistent threats, which are difficult to detect and counter," Clapper said.

Panetta told the committee, "This is a real national security threat that we have to pay attention to. I know there are a lot of aspects to it.

"The Internet, the cyber-arena ... is a vastly growing area of information that can be used and abused in a number of ways."

U.S. officials and computer security experts have faced a wide array of diverse and growing computer threats in the past several years, including attempted infiltrations of Defense Department computers, high-profile companies being hacked and the data breach and related cyber-attacks involving Wikileaks.

In particular:

The Pentagon disclosed last summer that in 2008 "malicious code" from a flash drive ended up on classified and unclassified systems of U.S. Central Command, which oversees the war efforts in Afghanistan and Iraq.

Entities in China were behind a highly sophisticated hacking of Google and more than 30 other companies in late 2009 that went undetected until January 2010. The hacking of Google's network was intended to gain access to the e-mail accounts of human rights activists in China.

Telecommunications companies in China displayed false computer data that rerouted about 15 percent of the world's online traffic last April through Chinese Internet servers for about 17 minutes, affecting NASA, the U.S. Senate, the four branches of the military, the office of the Secretary of Defense and a number of Fortune 500 companies.

Panetta's Stark Assessment

The FBI and private security experts tracked and traced large networks of "zombie-computers" dubbed bot-nets. The "Mariposa" bot-net is believed to have infected more than 12.7 million computers worldwide, including computers at more than half the Fortune 500 companies and at 40 major banks.

The FBI and U.S. Secret Service are investigating intrusions into computer systems run by NASDAQ-OMX, the parent company of the NASDAQ stock exchange.

Panetta provided a stark assessment for the intelligence committee. "If you have a cyber-attack that brings down our power-grid system, brings down our financial system, brings down our government systems, you could paralyze this country," he said. "And I think that's a real potential. And that's the thing we have to really pay attention to.

"Other countries are developing a significant capacity in this area, whether it's Russia or China or Iran. We're now the subject of literally hundreds of thousands of attacks that come in, in an effort to try to get information. We've got to develop not only defense against that, but we've got to put our assets in places where we can provide sufficient warning that these attacks are coming," Panetta said.

U.S officials from the National Security Agency, Department of Homeland Security and the FBI have actively been working the emerging cybersecurity threats. The military activated U.S. Cyber Command last year to coordinate the military's cyberspace resources.

The Department of Homeland Security and NSA signed a memorandum of understanding to improve collaboration between the agencies. DHS is also deploying an anti-intrusion system called Einstein across the federal government to prevent cyber-intrusions.

"This year, we will complete the deployment of the Einstein 2 threat-detection system across the federal space, and we will continue to develop, and begin deployment, of Einstein 3, which will provide DHS with the ability to automatically detect and disrupt malicious cyber-activity," DHS Secretary Janet Napolitano said at a speech last month at the George Washington University

Government Data Easily Moved

FBI Director Robert S. Mueller III testified at Thursday's hearing that the National Cyber Investigative Joint Task Force plays a key role in tracking down various cyberthreats and attacks.

"The National Cyber Investigative Joint Task Force is a hub of identifying and early attributing attacks -- big, larger or small," he said. "You have all of the relevant agencies there and the expertise and the tie-in to the relevant agencies ... it goes to the question of stopping an attack."

Mueller said the Task Force can handle a range of threats and attacks and works to stop them. "Depending on the origin from whence the attack originates, you would have people at the table there who have the capability of doing it. If it originates overseas, there's the NSA, CIA and the others.

"If it originates in the United States, we would have jurisdiction. If it comes to the -- putting a wall on -- between the attackers and particular entities within the United States, DHS would have a role. But we have a focal point that identifies immediately the attack, and then immediately tries to determine the focus of that attack and utilize all of the capabilities we have to address it."

Officials expressed concern at the hearing about how easily government data can be moved, which played a role in the disclosure by Wikileaks and has also resulted in several major cyber-attacks and hacking incidents.

The FBI is investigating "Operation Payback," which involved cyber-attacks against MasterCard, Visa and PayPal as a form of protest to object to the companies breaking their ties with Wikileaks' ability to raise money. The attacks were organized by a group known as Anonymous.

"Anonymous" struck again earlier this week and retaliated against a U.S. computer security firm and its CEO for claiming that they had infiltrated the group and would disclose details about the group's membership to the FBI.

Members of the group hacked the website of the computer security firm, HBGary Federal, where they posted a message on the firm's website, downloaded thousands of company e-mails and hijacked the CEO's Twitter account. They posted obscene tweets along with his personal data, including home address, social security number and telephone number.

The group placed a message on the firm's website stating, "You brought this upon yourself. What you seem to have failed to realize is that, just because you have the title and general appearance of a 'security' company, you're nothing compared to Anonymous ... Let us teach you a lesson you'll never forget: you don't mess with Anonymous."