Intelligence leaders said for the first time Tuesday that cyber attacks and cyber espionage have supplanted terrorism as the top security threat facing the United States.
That stark assessment, in an annual "worldwide threat" briefing that covered concerns as diverse as North Korea's belligerence and Syria's civil war, was reinforced in remarks by the spy chiefs before the Senate Intelligence Committee. They expressed concern that computer technology is evolving so quickly it is hard for security experts to keep up.
"In some cases, the world is applying digital technologies faster than our ability to understand the security implications and mitigate potential risks," James Clapper, the Director of National Intelligence, told the committee.
In written testimony, Clapper softened his analysis somewhat, playing down the likelihood of catastrophic attacks on the U.S. in the near term, either through digital technologies, or from foreign or domestic militants employing traditional violence. But this year's annual threat briefing underscored how, a decade after the Iraq war began and nearly two years after the killing of al Qaeda leader Osama bin Laden, digital assaults on government and computer networks have supplanted earlier security fears.
On Monday, White House national security adviser Tom Donilon, citing complaints from U.S. businesses about alleged Chinese cyber espionage, said the issue is a growing challenge to economic relations between the U.S. and China. On Tuesday China said it was willing to meet Donilon's request that Beijing talk with the U.S. about cyber security.
THE ECONOMIC COSTS
Last month, a private U.S. computer security company issued a study accusing a secretive Chinese military unit of being behind hacking attacks on a wide range of American industries. China has denied such reports, and says it is a victim of cyber spying by the U.S. government.
The annual economic loss from cyber attacks is estimated to be in the tens of billions of dollars.
In a separate hearing Tuesday before the Senate Armed Services committee, Army General Keith Alexander, head of the U.S. military's Cyber Command, said cyber attacks on private companies and in particular on the U.S. banking sector were getting worse. He predicted that the intensity and number of attacks will grow significantly throughout the year.
Alexander said the military was beefing up its cyber warrior team, adding troops from across the military as well as civilians. He said there would be three teams: a Cyber National Mission force which will deploy teams to defend against national-level threats; a Cyber Combat Mission force in charge of operational control; and a Cyber Protection force which will defend the military's information systems. The goal is to add the new resources to the teams by the end of 2015, but one third of them are planned to be in place by this September.
Clapper also used Tuesday's Intelligence Committee hearing to give an alarming account of how U.S. intelligence capabilities will be damaged if Congress does not move to ease financial pressures caused by automatic across-the-board budget cuts known as sequestration.
Due to funding cutbacks, thousands of FBI employees could face furloughs, five thousand intelligence contractors could be terminated, cyber security efforts could be affected and older overhead intelligence collection systems, or spy satellites, could face cutbacks, he said. Intelligence agencies at a minimum want Congress to give them the authority to redistribute cuts among programs "to minimize the damage," he said.
Clapper presented to the Senate panel a 34-page paper that ran through a wide variety of threats covered by U.S. intelligence agencies, from continuing Middle East instability to what is predicted to be China's continuing domination of the world's supply of rare earth elements. On two of the most volatile global crisis points, the U.S. spy agencies' assessment was restrained.
While Iran is improving its expertise in technologies including uranium enrichment and ballistic missiles, which could be used in a nuclear weapons program, the intelligence community does not believe Iran's leadership has decided to build a nuclear weapon and does not know if or when it might do so. This assessment is consistent with a controversial 2007 finding, known as a National Intelligence Estimate, which concluded Tehran had "halted its nuclear weapons program" in fall 2003 and had not restarted it as of mid-2007, though it was keeping open the option of building nuclear weapons.
On Syria, U.S. spy agencies assessed that the erosion of the government of President Bashar al-Assad's ability to defend itself is accelerating. Assad's forces have stopped insurgents from seizing cities such as Aleppo, Damascus and Homs, but the agencies say insurgents have been gaining strength in rural areas. This could ultimately lead to the establishment of a "more permanent base" for the rebels in Idlib province along the border with Turkey.
The listing of cyber-related attacks as the top item in the annual threat assessment is a departure from assessments offered previously. In 2011 and 2012, the first threat listed in the agencies' annual assessment to Congress was terrorism.
This article is by Mark Hosenball and Patricia Zengerle of Reuters.