The nation’s top cybersecurity official said Monday that he expects a major cyberattack against the U.S. before he leaves office while warning that America needs to do more to keep up with Russia, China and other potential adversaries in this field.
“I think it’s only a matter of time until we see destructive offensive actions taken against critical U.S. infrastructure,” said Adm. Mike Rogers, the director of the National Security Administration and commander of the U.S. Cyber Command.
Adm. Rogers said, when asked, that he wouldn’t discuss specifics on how the U.S. measures up against Russia and China.
But he said the world is still in “the early stages of cyber in many ways,” and that the U.S. should be concerned the nation’s infrastructure is lagging behind the rapid advancement in offensive cyber capabilities.
“We’re talking about defending an infrastructure where [cyber] redundancy and resiliency were never designed,” he said. “Most of it was created at a time when there was no cyberthreat.”
Speaking to a cybersecurity forum hosted by New America, a D.C. think tank, Adm. Rogers said the nation has already seen a number of high-profile hacking attacks, but added he was surprised at some of the targets.
“I didn’t think it’d go against the motion picture industry, to be quite honest,” he said, referencing the North Korean hacks of Sony Motion Pictures in retaliation over the movie “The Interview.”
The U.S. is in a better position to defend itself than it was 10 years ago, but the internet is still a relatively new technology, said James Lewis, senior fellow and cybersecurity expert at the Center for Strategic and International Studies.
“People didn’t even start thinking about cybersecurity until the 1990’s,” he said. “This is really only the third administration that’s tackled the problem.”
Mr. Lewis said that recently, Iran is likely the nation that has federal cybersecurity officials most concerned.
“The Iranians don’t like the U.S., and they’ve been well-behaved because they’re trying to get a nuclear deal pushed through,” he said. “If the nuclear deal falls through or doesn’t live up to their expectations, they’ve done the reconnaissance for an attack.”
Iran and North Korea “aren’t the most stable decision making processes in the world,” Mr. Lewis said, and — just like with nuclear weapons — officials are concerned when one regime might use cyberspace to “do something damaging that will lead to a conflict.”
Mr. Lewis noted that America is the top target in the world for cyberattacks. Many of those attacks have been focused on stealing information, specifically intellectual property.
The U.S. and its allies could be losing between $100-400 billion a year due to theft of intellectual property, Adm. Rogers said. And as a Navy admiral, he said he’s concerned about foreign governments trying to steal data from defense contractors to acquire plans for America’s military technology.
Indeed, many military experts believe that China’s latest fighter, the Chengdu J-20, was likely built in part from plans stolen from Lockheed Martin’s F-22 Raptor.
But outside of military conflict, Mr. Rogers warned that hackers — both independent and state-sponsored — have the capability to make life difficult for millions of Americans.
For example, Americans now readily rely on the ability to withdraw bank funds electronically and to access their money by computer.
“If that were ever really contested, think about the implications for us as a nation on an individual level,” Adm. Rogers told the audience. “Hey, I’m a U.S. citizen. I have a cell phone, I have a laptop. I want those systems to be as safe and secure for myself and my children as you do.”
Adm. Rogers said cyberspace has permanently become a topic national security officials must worry about.
“History has shown us to date that you can [look at] any confrontation, any crisis to date and that there’s a cyber component to it,” he said. “Cyber is going to be a fundamental component of the world we’re living in.”
• Phillip Swarts can be reached at pswarts@washingtontimes.com.
Please read our comment policy before commenting.