WASHINGTON – Despite numerous warnings from top intelligence officials, the U.S. government doesn’t have a plan yet to confront a massive, malicious cyber-threat.
And the window of opportunity to develop one may have already closed.
“We’ve admired the problem of cyber-threats for a long time. Now is the time to act. And I argue, if we do not act, we’re going to have a catastrophic event here in the United States,” says Rep. Mike Rogers, R-Mich., chairman of the House Select Intelligence Committee.
Such an attack could plunge the Washington region into a crippling spiral of digital chaos that many compare to the day Japan attacked Pearl Harbor. Power grids would be left inoperable. Banks and businesses would be in the dark and worthless. It would be difficult for police and first responders to find sick and injured people because the GPS system would likely be down.
Even your computer-connected car would be useless.
“The problem is real,” Rogers says. “It’s not something you can see. You can see that foreign nation (naval) carrier off your coast to intimidate you, but this is something you don’t see. It happens when you sleep sometimes … but these folks are in our networks. They’re stealing our intellectual property and they’re threatening to disrupt major sections of our economy.”
Something else has emerged as well, says Israeli counterterrorism expert Yael Shahar.
“We’ve seen nation-states using cyber-tactics as part of a traditional war. And this is something I think we’re going to see in any coming war — especially when the countries involved are high-tech countries.”
Intelligence experts say cyber-tactics have been recently tested by foreign countries just as naval vessels undergo sea trials to gauge their capabilities.
“First of all, we saw a precursor in Estonia where there were the Distributed Denial-of-Service (DDoS) attacks against government sites [in 2007]. Estonia had a specific vulnerability because they don’t have a paper government. They are all e-government. It wasn’t an existential threat, but it was a proof of concept,” Shahar says.
Russia is widely believed to have launched that attack to test its cyber-attack capabilities and to retaliate against Estonia for the removal of a Russian statue. Estonian web sites came under DDoS attacks so severe that many agencies had to shut off access to IP addresses outside Estonia for several days.
Shahar, director of the Intelligence Project at the Israeli Institute for counter-terrorism, says Russia is not just probing for information, it is actively engaged in cyber-war operations. She cites the August Russo-Georgian War in 2008.
“At the time [during the attack on Estonia], I remember thinking we’re going to see this again as part of a real conflict, not just a part of a ‘hacktivist’ attack,” Shahar says. “And sure enough in Georgia, Russia used exactly those same kinds of tactics, expanded them out and used the entire civilian infrastructure.”
Russia’s cyber capabilities have improved significantly in the five years since the Estonia attack. Director of National Intelligence (DNI) James Clapper warned Congress just two months ago that attacks and attempts on U.S. computer networks were becoming bolder and bigger.
“Among state actors, China and Russia are of particular concern,” Clapper says. “As indicated in the October 2011 biennial economic espionage report from the National Counterintelligence Executive, entities within these countries are responsible for extensive illicit intrusions into U.S. computer networks and theft of U.S. intellectual property.”
A Gathering Storm
In an unprecedented modern-day move, the U.S. has pointed a stern finger at Russia, its post-Cold War ally, accusing it of egregious cyber-espionage activity.
In an extensive report to Congress in January, the National Intelligence Executive (NCIX) said Russia will continue to aggressively target the U.S.
In the report, “Foreign Spies Stealing U.S. Secrets in Cyber-Space,” the NCIX wrote:
Motivated by Russia’s high dependence on natural resources, the need to diversify its economy and the belief that the global economic system is tilted toward U.S. and other Western interests at the expense of Russia, Moscow’s highly capable intelligence services are using HUMINT, cyber, and other operations to collect economic information and technology to support Russia’s economic development and security.
President Obama and congressional leaders have carefully avoided using terms such as war when it comes to Russia’s cyber-efforts, but Shahar, who has followed the development of cyber-warfare tactics, notes a disturbing trend that U.S. partners like China and even U.S. adversaries are experimenting with.
She and other experts believe that future ground wars will either start with a massive cyber-attack that takes down the critical infrastructure of a nation, or the cyber-attack will occur at key phases of the kinetic battles.
China’s believed to be working on a pre-emptive, cyber strike capability, using a single command and control capability that could completely disrupt U.S. information systems. According to U.S intelligence sources, that capability is the new strategic and tactical high ground and it is considered to be the same as controlling the air in a kinetic war.
A report prepared by Northrup Grumman for the U.S. Intelligence community recently indicated:
“Chinese capabilities to interfere with U.S. military computer network operations have advanced sufficiently to pose genuine risk to U.S. military operations in the event of a conflict.”
The report, “Occupying the Information High Ground: Chinese Capabilities for Computer Network Operations and Cyber Espionage,” says if China were to successfully deploy such a weapon, it could significantly impact the U.S. military ability to respond if a conflict were to break out in Taiwan.
Concern from members of Congress on how little is being done to prepare for the possibility of an attack has resulted in the designation of a “Cyber-Week” for the last week in April.
Rogers says several key segments of cyber legislation will be discussed, including his “cyber-sharing bill, where we share classified information with companies what protect networks — and right now don’t have that option.”