Former DNI: If U.S. went to war today in a cyberwar, it would lose

“We’re the most vulnerable, we’re the most connected, we have the most to lose. We will not mitigate this risk,” added McConnell, now an executive vice president for consulting firm Booz Allen Hamilton’s national security business. “And as a consequence of not mitigating this risk, we are going to have a catastrophic event.”

AFP reports that Tuesday’s hearing came a little over a month after Google revealed that it and other U.S. companies had been the target of a series of sophisticated cyberattacks originating in China.

“National security and our economic security are at stake,” said Democratic Senator Jay Rockefeller, the panel’s chairman and a co-sponsor of a bill seeking to bolster public and private sector cybersecurity cooperation. “A major cyberattack could shut down our nation’s most critical infrastructure — our power grid, telecommunications, financial services.”

James Lewis, a cybersecurity expert at the Center for Strategic and International Studies (CSIS), said that government intervention would probably be needed to crack down on the “Wild West” the Internet has become. The greatest threat to the United States comes from cyber espionage and cyber crime, he said, calling them a “major source of harm to national security.”

“We have lost more as a nation to espionage than at any time since the 1940s,” Lewis said.

Scott Borg, director of the U.S. Cyber Consequences Unit, also warned of the economic damage from cyberattacks. “Cyberattacks are already damaging the American economy much more than is generally recognized,” said Borg, whose independent research institute investigates the economic and strategic consequences of cyberattacks. “The greatest damage to the American economy from cyberattacks is due to massive thefts of business information. This type of loss is delayed and hard to measure, but it is much greater than the losses due to personal identity theft and the associated credit card fraud,” he added.

In his prepared remarks, McConnell said the United States needs a “national strategy for cyber that matches our national strategy that guided us during the Cold War, when the Soviet Union and nuclear weapons posed an existential threat to the United States and its allies.”

He pointed to U.S. president Barack Obama’s appointment of a cybersecurity coordinator in December and his national cybersecurity initiative as moves in the right direction, but said they were not enough. “The federal government will spend more each year on missile defense than it does on cybersecurity,” he said, despite the potential for attacks that “could destroy the global financial system and compromise the future and prosperity of our nation.”

In order to secure cyberspace, McConnell suggested the United States provide a “more robust commitment” in leadership, policies, legislation and resources.

He called for establishing a National Cybersecurity Center modeled after the National Counter Terrorism Center set up after the 9/11 attacks on New York and Washington.

The center would integrate elements of the Pentagon’s proposed Cyber Command, DHD’s National Cybersecurity and Communications Integration Center, and the cyber operations of the Federal Bureau of Investigation, state and local governments and the private sector. It would also serve as “the hub of information sharing and integration, situational awareness and analysis, coordination and collaboration,” McConnell said.