WASHINGTON, D.C. — U.S. government civilian and military units have warned for nearly 25 years about a damaging cyberattack dubbed the “electronic Pearl Harbor.” While threats continue to intensify, America’s ability to deter and defend against such an assault still suffers from capability gaps, testified a top expert before a House panel.
The congressional witness is Jason Healey, a former Air Force intelligence action officer and one of the founding fathers of the first joint cyber war fighting command, the Joint Task Force – Computer Network Defense in 1998.
In his written testimony prepared for a House Armed Services Committee hearing Wednesday, Healy identified Russia, China, North Korea, Iran, and to a lesser extent terrorists as the top cyber adversaries facing the United States.
“Of America’s adversaries, Iran has been the most persistent conducting disruptive attacks meant to disrupt US companies and infrastructure, especially banks,” testified Healey, currently a cyberwar expert at the Atlantic Council.
Credibility is one of the top elements of cyber deterrence, which is essential to combating cyber assaults, according to Dr. Martin C. Libicki, a cyber security expert at the RAND Corporation, who also testified at the House panel hearing.
He acknowledged that “the United States has yet to retaliate to any cyberattack with any truly serious consequences of the sort that the rest of the world can see,” a lack of action that makes America more vulnerable.
“The credibility of U.S. reprisals cannot be ranked very high” at the moment, added Dr. Libicki.
While Iran is the most persistent cyber threat, cyber attacks stemming from Russia are increasingly getting bolder. “Since annexing Crimea, Russian cyber operations have gone from quiet, professional political and military espionage to far more aggressive and obvious intelligence and influence operations,” notes Healey.
Congressional hearing witness P.W. Singer, a cybersecurity expert at New America, told lawmaker that Russian cyber attacks on NATO targets are up 60 percent while those against the European Union have increased 20 percent in the last year alone.
Healy noted that America’s ability to defend against cyber attacks does not lie with the U.S. government and military but rather the private sector, which suffers the bulk of the attacks.
“Cyber power is not focused at Fort Meade with NSA and US Cyber Command. The center of US cyber power is instead in Silicon Valley, in Route 128 in Boston, in Redmond, Washington and in all of your districts where Americans are creating and maintain cyberspace and filling it with content the world is demanding,” he testified,
“Our critical infrastructure companies are on the front lines of nation state attacks and our cybersecurity companies collectively have even more capabilities to defeat these threats than our military, and can do so at no cost to the public purse,” he added.