Intelligence officials see cyberattacks as a top US threat

Cyberattacks are a growing threat for U.S. security, officials say

Cyberattacks are near the top of the list of most serious threats facing the U.S., with the rivaling concerns about terrorism and North Korea, intelligence officials with President Barack Obama's administration said.

James Clapper, the Obama administration's national security director, and Robert Mueller, director of the U.S. Federal Bureau of Investigation (FBI), were among the officials that pointed to cyberattacks as top threats during a hearing Tuesday before the Senate Intelligence Committee.

Clapper, a retired Air Force general, said he has not seen a "more diverse array of threats and challenges" for U.S. national security during his time in the defense and intelligence communities. Clapper led off with cyberattacks in his Senate testimony about security threats facing the U.S.

"I cannot overemphasize its significance," Clapper said. "Increasingly, state and non-state actors are gaining and using cyberexpertise. These capabilities put all sectors of our country at risk, from government and private networks to critical infrastructures."

Intelligence agencies see interest from terrorist organizations in acquiring offensive cybercapabilities, he added. Cybercriminals are using black markets to sell hacking tools to a number of organizations, he said.

Asked what threats worry him the most, Mueller identified cyberattacks. The FBI investigates cyberattacks related to criminal and to terrorist activity, he said. Terrorist groups continue to use the Internet to recruit followers, he added.

Committee members also raised concerns about cyberattacks. Senator Dan Coats, an Indiana Republican, called on Congress to pass a bill that would encourage information-sharing about cyberthreats among private businesses and between businesses and government agencies. A recent executive order signed by Obama enables more information-sharing from the government to businesses, but businesses need protection from lawsuits before they will be comfortable sharing their information, Coats said.

"This is a serious threat, and we need to get on it," Coats said.

Senator Dianne Feinstein, a California Democrat and committee chairwoman, said she plans to introduce an information-sharing bill soon. Two members of the House of Representatives introduced the controversial information-sharing bill, the Cyber Intelligence Sharing and Protection Act (CISPA), in February.

Even as the threat of physical terrorism against the U.S. is diminishing, the threat of cyberattacks and cyber-espionage is growing, Feinstein said. Recent reports suggest "massive cyberpenetrations" into U.S. companies, she said.

During the hearing, Clapper raised concerns about budget cuts forced under the congressional process called sequestration. Intelligence agencies will be forced to cut each program by 7 percent during this current fiscal year, and those cuts will hamper the agencies' ability to acquire the technology needed to fight cyberattacks, he said. The cuts will also hurt national security in several other ways, he said.

Also during the hearing, Senator Ron Wyden, an Oregon Democrat, questioned Clapper and Mueller about intelligence agencies' surveillance of U.S. citizens inside the U.S. Pressed by Wyden, Clapper said the U.S National Security Agency and Central Intelligence Agency do not "wittingly" conduct surveillance on U.S. citizens inside the country.

Wyden asked Mueller if the FBI needs a court-ordered warrant, requiring law enforcement to show probable cause of a crime, or uses a less strict standard to conduct surveillance on U.S. residents. With some disagreements in U.S. courts about the appropriate standard, it depends on the circumstance, Mueller said.

The FBI will "see where the courts go," Mueller said.

"You have identified the exact reason why I am trying to get the answer," Wyden said. "There's no doubt we are going to watch what the courts do in the days ahead. The question is, what would be the rights of Americans while that is still being fleshed out?"

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is

Join the CSO newsletter!

Error: Please check your email address.

Tags U.S. Federal Bureau of InvestigationU.S. SenateU.S. Central Intelligence AgencyDianne FeinsteinU.S National Security AgencyJames ClapperDan CoatsgovernmentBarack ObamaRobert MuellersecurityRon Wyden

More about FBIFederal Bureau of InvestigationIDGNational Security Agency

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Grant Gross

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts