Cybersecurity

Beyond data theft: Next phase of cyber intrusions will include destruction, manipulation of data

Published 11 September 2015

James Clapper, director of U.S. intelligence, and other senior intelligence officers have warned Congress that the next phase of escalating online data theft will likely involve the manipulation of digital information. Clapper on Wednesday told lawmakers on the House Intelligence Committee that a “cyber Armageddon,” in which digitally triggered damage to physical infrastructure results in a series of catastrophic events, is less likely than “cyber operations that will change or manipulate data.” Leaders of the U.S. intelligence community told lawmakers that the manipulation or destruction of data would undermine confidence in data stored on or accessible through U.S. networks, engendering an uncertainty which could jeopardize U.S. military situational awareness and undermine business activity.

Clapper’s testimony was supported by Admiral Michael Rogers, the director of the National Security Agency, who said that while such attacks are yet to be carried out, U.S. business and governmental agencies had entered an era of persistent “low-to-moderate level cyber-attacks from a variety of sources.”

The Guardian reports that both men said that U.S. digital networks are currently threatened by wide-scale data theft, like the recent breach of the networks of the Office of Personnel Management (OPM), rather than by destruction or compromise.

Rogers and Clapper told lawmakers that the next phase of malicious digital intrusions, which would include not only the theft but also the manipulation or destruction of data, would undermine confidence in data stored on or accessible through U.S. networks, engendering an uncertainty which could jeopardize U.S. military situational awareness and undermine business activity.

“I believe the next push on the envelope is going to be the manipulation or the deletion of data which would of course compromise its integrity,” Clapper told the House panel.

Rogers testified that while the NSA and its military counterpart, the U.S. Cyber Command, which he commands, had clear rules for protecting U.S. networks, their authority to engage in offensive cyber operations was less clear.

In 2013, the Guardian, relying on information leaked by Edward Snowden, published a secret directive on U.S. digital offensive capabilities and a framework for the use of such capabilities.

There is “still uncertainty about what is offensive and what is authorized,” Rogers said. “That’s a policy decision.”

Rogers suggested that while offensive cyberattacks were “an application of force” similar to conventional military conflict, the NSA or Cyber Command needed a freer hand to engage in offensive cyber operations. He warned: “A purely defensive strategy is not going to change the dynamic we find ourselves in now.”

Rogers also said that it was urgent to create new international cyber standards which would prohibit “extracting mass personally identifiable data.”

Rogers stressed that the international community should not accept data destruction as a national practice, although some pointed out that the United States and Israel in all likelihood ushered in the age of digital destruction by creating the Stuxnet worm, which took over and manipulated the industrial control systems of Iran’s uranium enrichment centrifuges, resulting in widespread damage to Iran’s enrichment capabilities.

In his presentation to the committee, FBI director James Comey, backed by Rogers, repeated his call for a law which would require tech companies to allow surreptitious access into end-to-end encrypted data. Comey told the lawmakers that technology experts in his agency have been working hard to find a mathematical solution which would allow U.S. law enforcement agencies access without exposing sensitive data to increased insecurity.

Critics of the FBI’s approach, and more than a few leading cryptographers, have said that Comey’s effort was not much more than “magical thinking,” but Comey said: “My reaction to that is, really? Have we really tried?”

Clapper said that there was no consensus within the intelligence agencies as to the ultimate culprit in the mass exfiltration of federal employees’ data at OPM.

Rogers said the NSA had provided the office with “19 specific recommendations” to thwart a future hack, but did not explain why the U.S. government agencies in charge of protecting government networks did not spot the vulnerabilities before four million personnel records were stolen, in all likelihood by China.

“I don’t think anyone is satisfied with the environment we find ourselves in right now,” Rogers said.