The top U.S. intelligence official painted a grim picture on Friday of the many types of cyberthreats the U.S. faces across critical infrastructure sectors and highlighted the ways the government is countering them.
“These attacks come in different forms. Some are tailored to achieve very tactical goals, while others are implemented for strategic purposes, including the possibility of a crippling cyberattack against our critical infrastructure,” said Director of National Intelligence Dan Coats, speaking at the Hudson Institute, a Washington, D.C., think tank.
“But all of these desperate efforts share a common purpose to exploit America’s openness in order to undermine our long-term competitive advantage.”
Coats said that U.S.’s digital infrastructure is under constant attack from foreign entities including China, Iran and North Korea, but he singled out Russia as the “most aggressive” one, highlighting the country’s reported efforts to use hacking and information campaigns to influence U.S. elections.
The director sought to clarify recent comments from a top Department of Homeland Security official that suggested the intelligence community has seen a decline in intent from Russia to interfere in future elections.
“I think there may have been some confusions on what we were seeing now compared to what we saw in 2016 because the Department of Homeland Security noted we are not yet seeing the kind of electoral interference in specific states and in voter databases that we experienced in 2016,” Coats said. “We are just one click of the keyboard away from a similar situation repeating itself.”
Coats’ talk took place within hours of the Department of Justice’s announcing new indictments of 12 Russian intelligence officers for allegedly hacking into the Democratic National Committee and other election-related entities in the run-up to the 2016 election.
But Coats also warned against having tunnel vision focused on the elections, noting that foreign actors continually target other aspects of U.S. critical infrastructure.
“DHS and FBI, in coordination with international partners detected Russian government actors targeting government and businesses in the energy, nuclear, water, aviation and critical manufacturing sectors. The warning signs are there. The system is blinking and it is why I believe we are at a critical point,” he said.
A silver lining that Coats pointed out is that the intelligence community is more integrated and better at sharing information across the 16 agencies that make it up than in past years. However, he said, challenges remain when it comes to coordination between the IC and the private sector organizations that closely watch the threats U.S. infrastructure faces.
“The respective self-interest of the government, the private sector and the public have created independence rather than complementary lines of effort and awareness,” Coats said. “Everyone, if we are to succeed in dealing with this threat, must take ownership of the challenge.”
Coats noted that in order to actively counter threats, President Donald Trump has authorized several actions, including attribution, criminal indictments and economic sanctions – all of which the administration has recently used.
The director said that the National Security Council, which plays a significant role in the White House’s cybersecurity strategy, is working to make sure the issue of foreign cyberthreats is a top priority for the White House despite being in a “transition period.”
“Transition” is not an understatement. Trump recently brought on John Bolton to replace H. R. McMaster as his national security adviser. Bolton ushered in a series of changes, including nixing the role of White House cybersecurity coordinator. Eliminating the role has been a contentious issue and lawmakers have urged the White House to reinstate it.