By Jordy Yager and Carlo Muñoz - 03/12/13 08:00 PM EDT
The nation’s top intelligence officials told senators on Tuesday that cyberattacks are the leading security threat facing the United States.
Testifying at the Senate Intelligence Committee’s annual hearing on worldwide threats, Director of National Intelligence James Clapper told lawmakers that terrorist groups are increasingly pursuing the ability to wage cyberattacks, which, if successful, could bring businesses and the government to a collapsing halt.
“Increasingly state and non-state actors are gaining and using cyber expertise,” he said. “These capabilities put all sectors of our country at risk, from government and private networks to critical infrastructures. We see indications that some terrorist organizations are interested in developing offensive cyber capabilities, and as cyber criminals are using a growing black market to sell cyber tools that fall into the hands of state and non-state actors.”
While al Qaeda in the Arabian Peninsula (AQAP), Hezbollah, Iran and North Korea were all addressed as serious concerns during Tuesday’s open hearing, intelligence officials and lawmakers agreed cybersecurity should be the country’s top focus when attempting to counter threats to the United States.
“The various objectives [and] goals of discrete individuals utilizing the cyber arena — whether it be for criminal purposes or terrorist purposes — has grown to be right up there with AQAP, homegrown terrorists, and cyber attackers,” said Mueller.
In Brennan’s first public remarks as head of the CIA, he pressed Congress to take up cybersecurity legislation. As President Obama’s deputy national security adviser last year, Brennan worked closely with lawmakers in their failed attempts to pass a cybersecurity bill.
“The seriousness and diversity of the threats this country faces in the cyber domain are increasing on a daily basis, and from my perspective, I think this is one of the real significant national security challenges we face,” Brennan said. “The threat is going to continue and it’s going to grow. What we need to do as a country is to reduce the vulnerabilities and take the mitigation steps.”
“From a national security perspective, I very much hope that the Congress will move forward with legislation,” he said.
Obama signed an executive order last month directing the Department of Homeland Security (DHS) to share more information on cyber threats between agencies and businesses, creating a set of standards and up-to-date information resources for businesses. However, the executive order does not require companies to participate in the information-sharing, as a law passed by Congress would.
U.S. intelligence officials also updated lawmakers on other high-profile threats facing the United States. Clapper told panel members the slew of economic and political sanctions levied by the White House on Iran was working.
“The sanctions have had a profound impact on Iran’s economy and overall ability to finance its ongoing nuclear enrichment program,” Clapper said.
But Iran could be getting support from another U.S. adversary and potential nuclear power; Sen. Dan Coats (R-Ind.) pressed Clapper for more details on possible ties between Tehran and North Korea.
Clapper acknowledged the “potential relationship” between the two rogue nations, in terms of their nuclear ambitions, but he declined to comment on their ties in an unclassified session.
Intelligence officials said they are also keeping close tabs on the rise of al Qaeda affiliates in Yemen and North Africa.
Those groups represent the increasingly decentralized nature of al Qaeda that, officials said, has proven difficult for U.S. intelligence agencies to track.
“The threat from core Al Qaeda and the potential for a massive coordinated attack on the United States is diminished, but the global Jihadist movement is a more diversified, decentralized and persistent threat,” Clapper said.
So called “lone wolves,” or people not associated with a specific al Qaeda cell, along with “jihadist-inspired groups,” remain a huge threat to U.S. national security interests worldwide, officials said.
Despite the growing number of terror and nuclear related threats, officials and lawmakers concentrated much of their attention on cybersecurity — a signal that momentum is growing on Capitol Hill to try to pass another bill on the issue.
Sen. Dianne Feinstein (D-Calif.), the Intelligence panel’s chairwoman, said she is planning to start working on an information-sharing cybersecurity bill with Sen. Saxby Chambliss (R-Ga.), the committee’s ranking member, in the coming months. And House Intelligence Committee Chairman Mike Rogers (R-Mich.) and ranking member Dutch Ruppersberger (D-Md.) are also working to drum up support for a bill aimed at removing legal hurdles that prevent government and industry from sharing real-time data about online threats.
The measure would allow companies to share data with DHS and intelligence agencies, but civil liberty groups have balked at it, saying the legislation lacks sufficient privacy protections.
At a separate Senate Armed Services Committee hearing on Tuesday, Sen. Lindsey Graham (R-S.C.) said he was working with Sen. Sheldon Whitehouse (D-R.I.) on a measure that would allow industry leaders to develop a set of cybersecurity best practices, granting certain companies that operate critical infrastructure liability protection if they follow those guidelines.
At the Armed Services hearing, the head of U.S. Cyber Command, Gen. Keith Alexander, warned senators that the number of cyberattacks against banks has increased recently and will continue to rise throughout the year.
—This story was updated at 8:30 p.m.