WASHINGTON — “The average computer, fresh out of its packaging, can become infected within minutes of being plugged in. It can take longer to download software that protects a computer system than for a hacker to gain entry,” the National Security Agency says.
Millions of times a day, hackers linked to the Chinese and Russian governments and cyber criminals infiltrate U.S. government and business networks. And the new National Counterintelligence Executive (NCIX) says it’s getting worse with each passing day.
“With the exponential increase in cyber capabilities, electronics and tradecraft, they’re getting faster and smarter about how they seek to steal our information, and we need to be faster and smarter about how we defend it,” William Evanina said in an exclusive interview.
Evanina, a career FBI special agent who most recently served as the chief of CIA’s Counterespionage Group, became the NCIX on June 12.
Chinese hackers, he said, “are more active than they’ve ever been and they’re after whatever they can get.” Recent evidence shows they’ve targeted everything from blueprints for jet fighters to formulas for making windows.
“They want to be an economic world power, so anything that has to do with their economy, they will steal — from factory information, to bio-products, to manufacturing products to thermal engineering. Recently there was a case from Pittsburgh Corning Glass where they tried to steal (information on) thermal insulation in the windows,” said Evanina.
In February, “Department of Defense networks were scanned, probed, spearfished and attacked with malware 41 million times,” said Joint Chiefs chairman Martin Dempsey during the retirement of former NSA director Keith Alexander in late-March. Each one of those attacks was repelled.
But just days earlier, in mid-March, the DHS National Cybersecurity and Communications Integration Center “became aware of a potential intrusion of the Office of Personnel Management’s (OPM) network,” a DHS official told WTOP Thursday.
White House spokeswoman Caitlin Hayden told WTOP, “We had the systems in place to detect the intrusion, we notified agencies with a range of capabilities to assess exactly what occurred and devised an immediate action plan to further secure the network with both short and long-term solutions.”
The hackers allegedly were after the records of employees applying for high-level security clearances. The number is estimated in the tens of thousands. The DHS official said, “At this time, neither OPM nor the U.S. Computer Emergency Readiness Team have identified any loss of personally identifiable information.”
But House Intelligence Committee Chairman Mike Rogers told WTOP the prognosis for the future is ominous, unless something changes.
“We have nation-states, according to public reports, like Iran probing our financial institutions. We have non-nation-state actors that went after a company like Target using very sophisticated, nation-state-quality techniques to breach the firewall and get beyond the security.”
Rogers said partisan politics is preventing the U.S. government from defending the country against cyber-attacks and espionage.
“Our policies and our laws are not aligned to handle it and we are having debates about the wrong things, in order to get (U.S. Cyber policies) fixed and get us pre-positioned and able to fight back at a growing threat to not only our economic prosperity, but our safety and national security.”
While the bickering on Capitol Hill continues, Evanina’s team, which includes the National Insider Threat Task Force has rolled up its sleeves, preparing for the fight to come against cyber and espionage threats. Working with the FBI, the task force is, “developing minimal standards for all government agencies to abide by in order to provide some type of basic fundamental protections,” says Evanina.
Those protections encompass systems, people, facilities and information. But the complexity of the problem may overshadow the level of security at the moment, because of lax practices by some agencies and business. The ONCIX has posted cyber security best practices on its website.
But can they keep up with the attacks being directed at U.S. entities?
A top former U.S. counterintelligence official told WTOP in 2006 that Russia and China were starting to employ multi-pronged strategies to get at U.S. secrets and information. According to the former official, “The Russians now have as many intelligence officers in the U.S. as they did in the Cold War.”
They often use their assets inside the U.S. to direct the efforts of those elements working in their home countries. Those foreign human intelligence agents “that seek to do us harm” represent part of what Evanina views as particularly dangerous.
But there are other significant dangers, including supply-chain threats.
“We need to insure that when you purchase laptops, tablets, mobile phones and smart devices, that there are not backdoors and malware put in there from a foreign entity that would seek to collect information on us,” said Evanina.
Another emerging element the U.S. is coming to grips with is the role cyber plays when it comes to “spies and leakers like (former NSA contractor Edward) Snowden and (Chelsea) Manning (formerly known as Private Bradley Manning). There’s a differentiation between spies and leakers, but they sometimes cause the same amount of damage,” said Evanina.
The NCIX’s principle role is to provide leadership and support to the US counterintelligence community and to conduct damage assessments resulting from espionage, insider, cyber and other related threats.
Both Snowden and Manning, in massive, unprecedented breaches, used cyber techniques to illegally acquire and pass on sensitive information. The full scope of the damage is still unknown.