Cyber security threats once again topped terrorism in the Worldwide Threat Assessment of the U.S. Intelligence Community, annually delivered to Congress. Along with Russia, Clapper cited China, North Korea and Iran as states who post the gravest threat to the US.
“Politically motivated cyber attacks are now a growing reality, and foreign actors are reconnoitering and developing access to US critical infrastructure systems, which might be quickly exploited for disruption if an adversary’s intent became hostile,” said James Clapper, the Director of National Intelligence. “In addition, those conducting cyber espionage are targeting US government, military and commercial networks on a daily basis.”
Clapper, who in his opening statement noted that much classified information would have to be withheld for “this open, televised hearing,” declined to provide a rationale for the upgraded threat status concerning Russia, when speaking to the Senate Armed Services Committee.
— Lee Fang (@lhfang) February 21, 2015
"While I can't go into detail here, the Russian cyber threat is more severe than we had previously assessed," he said, though the written material Clapper submitted stated that the Russian defense ministry was creating a cyber command with a mandate for offensive operations "including propaganda operations and inserting malware into enemy command and control systems."
The report cited “private sector cyber security experts” who asserted that “Russian cyber actors” are developing the capabilities to attack infrastructure and businesses.
"These unspecified Russian actors have successfully compromised the product supply chains of three (control system) vendors so that customers download exploitative malware directly from the vendors' websites along with routine software updates,” according to the assessment.
Low-Level Attacks Most Likely
While Clapper said that attacks were becoming more frequent, he does not anticipate attacks on a catastrophic scale, unlike his predecessor, Leon Panetta, who in 2012 spoke of a potential “cyber Pearl Harbor.”
“Rather than a ‘cyber-Armageddon’ scenario that debilitates the entire US infrastructure, we envision something different,” Clapper said. “We foresee an ongoing series of low-to-moderate level cyber-attacks from a variety of sources over time, which will impose cumulative costs on US economic competitiveness and national security.”
Threats, and Targets
The NSA documents leaked by Edward Snowden in 2013, for example, revealed that the US targeted Russia during the G20 conference in 2009, using agents in London to target secret communications of then-president Dmitry Medvedev.
Clapper also mentioned the open question of the future of Iran’s nuclear programs — currently under negotiation. Those programs were famously thwarted by the Stuxnet computer worm, widely attributed to a joint US-Israeli operation and responsible for reported ruining almost on fifth of Iran’s nuclear centrifuges in 2010. A document recently posted by The Intercept confirms that that cyber attack set off a cycle of escalating attacks between the US and Iran, who “learned from” the attacks against it.
Spying software described as very similar to Stuxnet was recently uncovered by the Kaspersky Lab in Russia as having infected computers in more than 30 countries, though the lab said it could not confirm that it was of US government origin.