12 March 2013 16:56 [Source: ICIS news]
WASHINGTON (ICIS)--The US could be hit by a major cyber attack within the next two years, resulting in long-term and wide-scale disruption of services such as electric power, the nation’s top intelligence officer told Congress on Tuesday.
In wide-ranging testimony before the Senate Intelligence Committee, James Clapper, director of national intelligence, said that chances for such a damaging cyber attack are small, but US intelligence agencies and owners and operators of critical infrastructure facilities must take action to protect against such an assault.
Clapper, who as head of the Office of National Intelligence (ONI) oversees 16 different US intelligence-gathering and counter-intelligence agencies, said that such a destructive attack would require a level of technical expertise and operational sophistication that only a few nations or non-state actors possess.
He said that advanced cyber-intelligence and cyber-espionage actors such as China and Russia “are unlikely to launch such a devastating attack against the US outside of a military conflict or crisis that they believe threatens their vital interests”.
“However, isolated state or non-state actors might deploy less sophisticated cyber attacks as a form or retaliation or provocation,” he added, without naming any specific nations or groups.
“These less advanced but highly motivated actors could access some poorly protected US networks that control core functions, such as power generation, during the next two years,” he said.
Such second-tier cyber opponents might not have enough technical prowess and operational capability to cause wide-spread systemic disruptions, he said.
“At the same time, there is a risk that unsophisticated attacks would have significant outcomes due to unexpected system configurations and mistakes,” he said, “or that vulnerability at one node might spill over and contaminate other parts of a networked system.”
US chemical production facilities are frequently probed by apparent cyber attacks or cyber espionage efforts, according to US intelligence officials and industry information technology (IT) executives.
Clapper warned that “much of the nation’s critical proprietary data are on sensitive but unclassified networks” that are vulnerable to cyber attacks such as denial-of-service campaigns or to outright theft of industrial secrets.
“We assess that highly networked business practices and information technology are providing opportunities for foreign intelligence and security services, trusted insiders, hackers and others to target and collect sensitive US national security and economic data,” Clapper said.
In some cases, he warned, damage from cyber attacks or cyber espionage “can be invisible, latent and progressive”.
“It is very difficult to quantify the value of proprietary technologies and sensitive business information and, therefore, the impact of economic cyber espionage activities,” Clapper said.
But, he added, “we assess that economic cyber espionage will probably allow the actors who take this information to reap unfair gains in some industries”.
Cyber espionage also is “almost certainly allowing our adversaries to close the technological gap between our respective militaries, slowly neutralising one of our key advantages in the international area”, he said.
Clapper’s rare public testimony before the committee was part of his regular annual briefings to key congressional panels, most of which are provided behind closed doors.
|ICIS news FREE TRIAL|
|Get access to breaking chemical news as it happens.|
|ICIS Global Petrochemical Index (IPEX)|
Asian Chemical Connections