President Obama’s top intelligence official on Thursday highlighted the constant and more sophisticated onslaught of cyberattacks as a particular vexing national security threat the U.S. needs to take steps to guard against.
Director of National Intelligence James Clapper, in testimony before the Senate Armed Services Committee, pointed to a number of pressing threats facing the country, including the Islamic State’s advances in the Middle East, Russia’s ongoing aggression in Ukraine and Iran’s continued pursuit of a nuclear weapon.
The cyberattacks, however, were near the top of his threat list because they involve multiple attacks from some of the same threats such as Russia, China, Iran, North Korea and the Islamic State, as well as criminally motivated actors targeting both government and private computer systems.
“Attacks against us are increasing in frequency, scale, sophistication and severity of impact, the ranges of cyberthreat factors, methods of attack, targeted systems and victims are also expanding,” he told the panel. “The reality is we’ve been living with a constant and expanding cyber barrage for some time and [it] will continue.”
The complex threat is difficult to protect against, Clapper said even as he downplayed previous U.S. officials’ contentions that the U.S. is facing a high risk of a “cyber Armageddon” scenario that disables American infrastructure, devastating the country’s economy.
“The likelihood of a catastrophic attack from any particular actor is remote at this time,” he said. “We envision something different. We foresee an ongoing series of low-to-moderate level cyberattacks from a variety of sources over time, which will impose cumulative costs on U.S. economic competitiveness and national security.”
The Russian cyberthreat, he said, is far more severe that U.S. intelligence officials previously assessed, and the Islamic State through its “cyber caliphate” has shown that it can infiltrate the social media sites of the U.S. Central Command and Newsweek.
Clapper also stressed the need for Congress to pass cybersecurity legislation as quickly as possible that would provide liability protection for private companies when they share information with the federal government about attacks and threats.
