A subcommittee hearing chaired by U.S. Rep. John Ratcliffe (R-TX) on Thursday heard testimony from leading cybersecurity experts on the serious national security threats currently faced by the U.S. from other nation states and malicious cyber actors.
The hearing, held by the House Homeland Security Subcommittee on Cybersecurity and entitled “Emerging Cyber Threats to the United States,” served to spotlight cybersecurity threats from nation states, criminal organizations and terrorist groups.
“Cybersecurity is national security, and today’s hearing reaffirmed this important principle,” Ratcliffe said. “We cannot allow cyber adversaries to be left undeterred from conducting attacks that could jeopardize sensitive matters of national security, compromise our nation’s critical infrastructure and undermine the personal privacy of Americans.
Information was released last week about a successful hacking attempt by Russia of the dollar-to-ruble exchange rate, Frank Cilluffo, associate vice president and director of the Center for Cyber and Homeland Security at the George Washington University, told the subcommittee. Confirmation was also obtained that Russia hacked Ukraine’s electric grid, he added.
“Banks, security systems, and clearance systems are all at risk,” Cilluffo said, adding that Americans’ privacy, economy and overall security are at risk.
Additionally, Cilluffo warned, while cyber actors continually adapt to and defeat changing prevention methods, the tactics, intentions and capabilities of hackers vary widely, leaving questions as to who precisely is behind an attack and for what purpose.
“Nation states often use proxies to conceal their activities,” Cilluffo said. “[Hackers] may be state actors, they may be state sanctioned, or they may be state sponsored. Russia and China both use proxies to deny their involvement and mask how involved the countries are in the hacking activities.
“Iran is also a prominent supporter of cyber attacks, although Iran’s capabilities pale in comparison to Russia’s and China’s capabilities.”
Cilluffo added that foreign terrorist organizations are not believed to currently have the sophistication to perform highly disruptive cyber attacks but have shown intent.
“It is likely that ISIS, or their sympathizers, will increasingly turn to disruptive cyber-attacks,” Cilluffo said.
Such attacks, however, are not limited to just terror organizations, further muddying the fight.
“Criminal organizations differ from terrorist organizations in that they do not want credit for their activities,” Cilluffo said. “They are working quietly and do not want to draw attention to themselves because their main objective is money. It is disconcerting how much Russia relies on criminal cyber hackers to advance its agenda.”
Adam Bromwich, vice president of security technology and response at Symantec, said that criminal cyber activities run the gamut from low-level criminals up to state-sponsored terrorists.
“Scams and blackmail schemes are still the most common with ‘ransom-ware,’” Bromwich said. “The criminals use high-grade encryption methods. Recently, Hollywood Presbyterian had to pay $17,000 to get access to their medical records.”
To fight such actions, Cilluffo said, the U.S. needs to take a more active role in preventing cyber attacks rather than reacting to them after.
“We need to impose costs on those with bad cyber activity,” Cilluffo said. “Our current method is entirely ‘reactive’ and not proactive. Moving forward, the U.S. government must give companies the framework, parameters and tools they need to protect themselves and their clients.”
Bromwich added that finding ways for various security and similar organizations to work in tandem is the best means of fighting such attacks.
“Cooperation is the key for combatting cyber crime,” Bromwich said. “It is also critical to use Big Data analytics to evaluate threats.”