A U.S. intelligence chief says that cyberattacks present a growing threat to financial networks and other critical infrastructure.
Director of National Intelligence James Clapper told the Senate Intelligence Committee on Tuesday that while an attack by a sovereign state that causes widespread destruction seems unlikely in the next two years, even unsophisticated attacks could have "significant outcomes" or tap vulnerabilities that spill from one part of a network to the next.
In prepared testimony, Clapper said that while hacktivists who launch so-called denial of service attacks against banks and other businesses use the attacks as a form of protest, more radical groups have the capacity "to inflict more systematic impacts - such as disrupting financial networks — or accidentally trigger unintended consequences that could be misinterpreted as a state-sponsored attack."
According to Clapper, tools available in "a growing black market" also give cybercriminals the ability to "steal, manipulate or delete" information from companies they target.
Clapper's remarks come amid a series of expressions by U.S. officials of the potential of cyberattacks to damage the country economically and militarily.
On Wednesday, President Obama is expected to meet at the White House with business leaders to discuss cyber threats and to ask for their input on how industry and the government can best work together to strengthen the country's cyber defenses.
Thomas Donilon, President Obama's national security advisor, called Monday on the Chinese government to stop its alleged program of cyber intrusions on U.S. businesses and to engage in dialogue about what constitutes acceptable conduct in cyberspace. His comments followed a report in February that hackers backed by China's People's Liberation Army have stolen business plans, technology blueprints and other information from at least 115 firms in the U.S. since 2006. Though China has denied the allegations while charging that its own computers have weathered cyberattacks from the U.S., the government said on Tuesday it would be willing to discuss cybersecurity.
The president in February signed an executive order that aims to encourage information sharing about cyber threats among financial firms, utility operators and others who own critical infrastructure. House Intelligence Committee Chairman Mike Rogers, R-Mich., and Rep. Dutch Ruppersberger, D-Md., the panel's ranking member, reintroduced legislation that would encourage sharing of information between companies and government agencies about cyber threats.
In his testimony, Clapper cited a series of attacks since September that have bogged down websites at some of the nation's biggest banks and prevented customers from accessing their accounts. A denial of service attack shuttered online banking at JPMorgan Chase for several hours on Tuesday. The assault followed a warning by the al-Qassam Cyber Fighters, a group that has claimed responsibility for the attacks, that the group is targeting JPMorgan Chase, Bank of America, Citibank (NYSE:C), PNC Financial (PNC), Fifth Third Bancorp (FITB), Union Bank, BB&T (BBT) and Capital One (COF) for another round of assaults.
"In response to the trends and events that happen in cyberspace, the choices we and other actors make in coming years will shape cyberspace for decades to come, with potentially profound implications for US economic and national security," Clapper added.