In a yearly testimony to the US Senate Select Committee on Intelligence, Director of National Intelligence James Clapper put cybersecurity in the spotlight, echoing US officials who have increasingly warned in recent years about the potential of catastrophic cyber attacks directed at the United States. This time, the cybersecurity alarm came with a vague timeframe; Clapper said today that there is "a remote chance of a major cyber attack against US critical infrastructure systems during the next two years that would result in long-term, wide-scale disruption of services, such as a regional power outage." While Clapper's remarks today aren't as incendiary as those made by others in the government — last year, Defense Secretary Leon Panetta warned of a looming "cyber Pearl Harbor" — the testimony builds on the same trend of urgent concern that top security officials have used to encourage expansion of national cybersecurity programs. Those concerns have risen to the highest levels of the US government.
As President Obama entered his second term, the White House ramped up its cybersecurity efforts, opting for an executive order that allows the government to share more information it has on "cyber threats" with private companies — potentially including defense companies like Raytheon and Lockheed, which are reportedly vying for eligibility to receive the data. Congress is also working on strengthening information sharing between government and industry with the Cyber Intelligence Sharing and Protection Act (CISPA), which failed to become law last year, but has recently been revived.
"Russia and China are unlikely to launch a devastating attack outside of a military conflict."
The White House has recently toughened its stance toward China — a major alleged culprit in cyber attacks on US companies. US National Security Advisor Tom Donilon recently pointed at China, warning it that the US could retaliate against cyber attacks from the country; Donilon said that "the United States will do all it must to protect our national networks, critical infrastructure, and our valuable public and private property." The White House's remarks were made less than two months after The New York Times and The Wall Street Journal reported that they their computers and employees had been targeted by cyber attacks allegedly originating from China. Just this morning, China said that is willing to open "a constructive dialogue" to help curb the recent spate of cyber attacks against US businesses.
But during today's testimony, Clapper noted that countries like China aren't really primary threats; "advanced cyber actors — such as Russia and China — are unlikely to launch such a devastating attack against the United States outside of a military conflict or crisis that they believe threatens their vital interests," he said. Instead, Clapper says attacks are likely to come from "isolated state or nonstate actors."