13 August 2017

US intelligence: 30 countries building cyber attack capabilities

By Steve Ranger

Officials say Russia has "highly advanced" offensive cyber program, and that only its 'senior-most' officials could have authorized election-focused data thefts. 

More than 30 countries are developing offensive cyber attack capabilities, according to US intelligence chiefs.

They warn that cyber attacks against critical infrastructure and information networks will give attackers a means of bypassing traditional defence measures.

The warning came in a joint statement by US director of National Security James Clapper, undersecretary of defense for intelligence Marcel Lettre, and NSA and US Cyber Command director Admiral Mike Rogers, at a hearing on foreign cyber threats by the Senate Armed Services Committee.

"Protecting critical infrastructure such as crucial energy, financial, manufacturing, transportation, communication, and health systems, will become an increasingly complex national security challenge," the written statement noted.

It also warned that nations equipped with similar offensive cyber capabilities could be prone to preemptive attack and rapid escalation in a future crisis, "because both sides would have an incentive to strike first".

The committee was meeting in the aftermath of what its chairman Senator John McCain called an "unprecedented attack on our democracy", referring to the hacking attacks during the recent Presidential election, which have been blamed by US intelligence on Russia.

President-elect Donald Trump has cast doubt on whether Russia was behind the attacks.

However, the statement from the intelligence chiefs said Russia is a "full-scope cyber actor" and one that "poses a major threat to US government, military, diplomatic, commercial, and critical infrastructure and key resource networks because of its highly advanced offensive cyber program and sophisticated tactics, techniques, and procedures".

It said Russian cyber operations had targeted government organizations, criticial infrastructure, think tanks, universities, political organizations and corporations, often using spearphishing campaigns.

"We asses that only Russia's senior-most officials could have authorized the recent election-focused data thefts and disclosures, based on the scope and sensitivity of the targets," the statement continued.

"Every American should be alarmed by Russia's attack on our nation," McCain said. But the recent Russian attacks are one part of a bigger cyber problem he added, pointing to other digital espionage and cyber attacks by hackers aligned with China and North Korea.

"What seems clear is our adversaries have reached a common conclusion that the reward for attacking American cyberspace outweighs the risk. For years cyber attacks on our nation have been met with indecision and inaction. Our nation has no policy and thus no strategy for cyber deterrence. Unless we demonstrate that the costs of attacking the United States outweigh the perceived benefits these cyber attacks will only grow," he warned.

Certainly Russia was not the only digital threat the intelligence chiefs identified.

China continues to conduct cyber espionage against the US government and companies, albeit at lower levels than previously, they said. "Beijing has also selectively used cyber attacks against foreign targets that it probably believes threaten Chinese domestic stability or regime legitimacy." They also listed Iran as using cyber espionage, propoganda and attacks, and said North Korea remains capable of "launching disruptive or destructive cyber attacks to support its political objectives".

And the risk isn't likely to decline, either: "Over the next five years, technological change will only accelerate the intersection of cyber and physical devices, creating new risks," they said.

No comments: