Cyber attacks by politically and criminally motivated actors top the list of threats facing the US, according to national intelligence director James Clapper.
“Cyber threats to US national and economic security are increasing in frequency, scale, sophistication and severity of impact,” he said in the latest annual threat assessment delivered to Congress.
Clapper said politically motivated cyber attacks are now a growing reality, and foreign actors are reconnoitering and developing access to US critical infrastructure systems.
“These might be quickly exploited for disruption if an adversary’s intent became hostile,” he said, but he downplayed the idea the US is at a high risk of having its infrastructure crippled in a “cyber Armageddon” scenario, reported the Washington Times.
Instead, he said, US intelligence expects an ongoing series of low to moderate-level cyber attacks from a variety of sources over time that will have a cumulative cost on the US economy and national security.
A report issued by Clapper’s office said Russia's military was setting up a cyber command to carry out attacks. The report also describes China, Iran and North Korea as leading threats.
Read more about the economic impact of cyber attacks
- Halting cyber crime could have a positive impact on the global economy
- Cyber war has the potential to mirror the doomsday nuclear threat in terms of the economic and psychological effect
- An online attack that targeting multiple critical IT systems simultaneously could cause years of disruption to leading western economies
Clapper told the Senate Armed Services Committee that Russia poses the greatest cyber risk to US interests, and that the threat from the Russian government was "more severe" than previously realised.
In the past year, there have been several high-profile attacks on US targets, including Sony Pictures, the Las Vegas Sands Casino Corporation and the social media accounts of the US military command.
“The most pervasive threat to the US financial sector is from cyber criminals who were responsible for cyber intrusions in 2014 into JP Morgan, Anthem and other US companies," said Clapper.
“In future we will probably see cyber operations that change or manipulate electronic information to compromise its integrity instead of simply deleting or disrupting access to it,” he said.
During the hearing, Clapper also acknowledged that the US had its own "offensive capabilities,” according to the BBC.
The admission comes just weeks after the US National Security Agency (NSA) was linked to hidden surveillance software in the hard drives of several top computer makers.
Security firm Kaspersky Lab discovered the Stuxnet-like spyware in PCs in 30 countries and linked it to a nearly 20-year operation by "The Equation Group".
Reuters sources claim the NSA is responsible for placing the spyware in hard drives from manufacturers such as Western Digital, Seagate and Toshiba.
“In the end, the cyber threat cannot be completely eliminated. Rather, we must be vigilant in our efforts to detect, manage and defend against it,” said Clapper.
In addition to by cyber attacks, he identified a range of other threats facing the US, including a surge by Sunni Muslim extremist groups, the pursuit of nuclear weapons by Iran and North Korea, and a push by Russian and Chinese operatives to penetrate the US national security community.