The Office of the Director of National Intelligence has published the unclassified testimony of the agency's chief, James R. Clapper, in a report titled Cyber Threats: An Evolving and Strategic Concern.
The testimony offered before the Senate Select Committee on Intelligence included appraisals of multiple priority threats being addressed by the US intelligence community, including international and home-grown terrorism concerns, the proliferation of weapons of mass destruction (WMD), counterintelligence trends, and transnational organized crime.
Not surprisingly, threats to the nation's cybersecurity where also on the agenda as the the third item addressed in the testimony, signifying that network intrusions by state-sponsored in China and Russia and independent actors like Anonymous and Lulzsec continue to be a priority concern.
The following is the excerpt which examines the intelligence community's overall assessment of the growing threat to national cybersecurity:
Cyber threats pose a critical national and economic security concern due to the continued advances in—and growing dependency on—the information technology (IT) that underpins nearly all aspects of modern society. Data collection, processing, storage, and transmission capabilities are increasing exponentially; meanwhile, mobile, wireless, and cloud computing bring the full power of the globally-connected Internet to myriad personal devices and critical infrastructure. Owing to market incentives, innovation in functionality is outpacing innovation in security, and neither the public nor private sector has been successful at fully implementing existing best practices.
The impact of this evolution is seen not only in the scope and nature of cyber security incidents, but also in the range of actors and targets. In the last year, we observed increased breadth and sophistication of computer network operations (CNO) by both state and nonstate actors. Our technical advancements in detection and attribution shed light on malicious activity, but cyber intruders continue to explore new means to circumvent defensive measures.
Among state actors, China and Russia are of particular concern. As indicated in the October 2011 biennial economic espionage report from the National Counterintelligence Executive, entities within these countries are responsible for extensive illicit intrusions into US computer networks and theft of US intellectual property.
Nonstate actors are also playing an increasing role in international and domestic politics through the use of social media technologies. We currently face a cyber environment where emerging technologies are developed and implemented faster than governments can keep pace, as illustrated by the failed efforts at censoring social media during the 2011 Arab Spring revolutions in Tunisia, Egypt, and Libya. Hacker groups, such as Anonymous and Lulz Security (LulzSec), have conducted distributed denial of service (DDoS) attacks and website defacements against government and corporate interests they oppose. The well publicized intrusions into NASDAQ and International Monetary Fund (IMF) networks underscore the vulnerability of key sectors of the US and global economy.
Hackers are also circumventing network security by targeting companies that produce security technologies, highlighting the challenges to securing online data in the face of adaptable intruders. The compromise of US and Dutch digital certificate issuers in 2011 represents a threat to one of the most fundamental technologies used to secure online communications and sensitive transactions, such as online banking. Hackers also accessed the corporate network of the computer security firm RSA in March 2011 and exfiltrated data on the algorithms used in its authentication system.
Subsequently, a US defense contractor revealed that hackers used the information obtained from RSA to access its network.
We assess that CNO is likely to increase in coming years. Two of our greatest strategic challenges regarding cyber threats are: (1) the difficulty of providing timely, actionable warning of cyber threats and incidents, such as identifying past or present security breaches, definitively attributing them, and accurately distinguishing between cyber espionage intrusions and potentially disruptive cyber attacks; and (2) the highly complex vulnerabilities associated with the IT supply chain for US networks. In both cases, US Government engagement with private sector owners and operators of critical infrastructures is essential for mitigating these threats.