NSA Chief Predicts 'Traumatic' Cyber Attack Within Next Decade
WASHINGTON – The National Security Agency (NSA) chief told a congressional panel last week several foreign countries have infiltrated the computers of critical industries of the United States to obtain information that could be used for a destructive attack.
NSA Director Adm. Michael Rogers, who took the helm of the agency in April, said that foreign criminal gangs have traditionally hacked into U.S. commercial systems to steal information that they could use or sell for a profit. But a new trend is emerging as these groups and foreign governments are increasingly cooperating with one another.
U.S. intelligence officials have seen these criminal groups acting “as a surrogate” for other groups and nations wanting to “obscure their fingerprints,” he said.
Rogers said some nations have developed the capabilities to infiltrate the networks of industrial-control systems used to operate critical infrastructure, such as the power grid, nuclear power plants, air traffic control, and subway systems.
“We see them attempting to steal information on how our systems are configured, the very schematics of most of our control systems, down to engineering level of detail so they can look at where are the vulnerabilities, how are they constructed, how could I get in and defeat them,” he testified before the House Intelligence Committee. “We’re seeing multiple nation-states invest in those kinds of capabilities.”
A recent report by Mandiant, a security company, found that Chinese government hackers have stolen information relating to intellectual property from several U.S. companies to support Chinese state-owned enterprises. The report also stated that Chinese government hackers have stolen data from a power-systems manufacturer.
Asked whether China was the only nation investing heavily in these capabilities, Rogers said there are “one or two others” that are attempting to do reconnaissance on U.S. industrial-control systems and learn more about the nation’s networks of critical infrastructure.
“There shouldn’t be any doubt in our minds that there are nation-states and groups out there that have the capability . . . to shut down, forestall our ability to operate our basic infrastructure, whether it’s generating power across this nation, whether it’s moving water and fuel,” he said. “Those tend to be the biggest focus areas that we have seen.”
The Department of Homeland Security issued an alert earlier this month that identified malicious software implanted in the software that runs some of the nation’s critical infrastructure. Sources told ABC News they have found evidence that Russian hackers believed to be sponsored by the Russian government inserted the malicious software.
Another “coming threat,” Rogers warned, is an increase of cyber attacks on mobile devices. He said the increase in popularity due to their appeal as “vehicles to enhance our productivity” makes them ideal targets for hackers.
“The flipside is those same things that make [them] attractive…the ability to use [them] in all sorts of environments almost universally in any place…also represents an increased potential for vulnerability,” he said.
Rogers said he expects a major cyber attack against the U.S. within the next decade.