US Ignores China, N. Korea Cyber Threats, Top Spy Says
Director of National Intelligence James R. Clapper in an official photograph.
NEW YORK — American businesses need to take significant steps to prevent theft of trade secrets by Chinese spies, North Korea is "deadly serious" about harming the United States through online attacks, and federal budget cuts and the Snowden leaks have left the country less safe, Director of National Intelligence Gen. James R. Clapper said yesterday (Jan. 7).
"China has been robbing our industrial base blind, largely with vulnerabilities that are easy to guard against or to simply fix," Clapper said at the International Conference on Cyber Security, a public-private symposium for law-enforcement officials and corporate executives held at the Manhattan campus of Fordham University every year.
There are three things that all American enterprises need to do to protect themselves "from the vast majority of attacks — from the Chinese and elsewhere," Clapper said.
"One, patch IT software obsessively," he said. "Two, segment the data — a single breach shouldn't give attackers access to an entire network infrastructure and a mother lode of proprietary data."
Third, he recommended that companies pay attention to the threat bulletins regularly issued by the FBI and the Department of Homeland Security.
"Bad cyber actors are using precisely these avenues to steal our lunch every day," Clapper said. "The Chinese, in particular, are cleaning us out, because we know we're supposed to do these simple things, and yet we don't do them."
Additionally, Clapper urged companies to "teach folks what spear phishing looks like."
Spear-phishing attacks were central to the devastating theft of cryptographic seeds from security-token maker RSA in 2011, which quickly led to network penetration of major American defense contractors.
"In national defense, few things turn heads like seeing your aviation system flying over the skies of a foreign nation, with a different flag on the tail," Clapper said, "or finding out that an adversary is already working to counter your expensive cutting-edge capabilities that haven't been released yet.
"In the private sector," he added, "there are few things more dispiriting to corporate health and morale, and corporate wealth, than seeing proprietary products show up in a foreign market a month before a product launch for a tenth of the price."
Growing North Korean threat
However, Chinese spies stealing industrial secrets are not the most significant threat to American computer networks, Clapper said — they're just "much noisier" than state-sponsored hackers from other countries.
Graver threats come from Russia, which has a very sophisticated offensive-hacking strategy that would be very destructive in a time of war, he said, and from Iran and North Korea, which are using cyberattacks as inexpensive force multipliers.
North Korea wants to be seen as a world power, Clapper explained, which is why it spends so much money on nuclear weapons, diverting resources from its conventional military. In that light, he said, offensive cyberattacks are a way to achieve maximal effect at relatively low cost.
In early November, Clapper traveled to North Korea to gain the release of two Americans held in Pyongyang, where he had a contentious dinner with a North Korean general who was the head of the country's signals-intelligence agency. Clapper said he presumes the general gave the order to attack Sony Pictures Entertainment, which Clapper called "the most serious cyberattack ever made against U.S. interests.
"They really do believe they're under siege from all directions," he said. "They are deadly, deadly serious about affronts to the supreme leader, whom they consider to be a deity. I watched 'The Interview' over the weekend, and it's clear to me the North Koreans don't have a sense of humor."
Less safe now than before
Americans themselves need to be serious about threats from other countries and terrorists, Clapper said, because budget cuts and the leaks by former National Security Agency contractor Edward Snowden have undermined intelligence-gathering capabilities. As a result, the amount of viable information the intelligence community can give to government decision-makers has been cut back in recent years.
"We as a nation are accepting more risk," Clapper said. "We are not as safe and secure as we used to be."
As an example, Clapper said the Snowden documents compromised an intelligence-gathering system, which he did not name, that had been operating in Afghanistan. The loss of this system "poses a direct threat to our personnel there."
The sheer amount of malicious activity on the Internet almost brings about nostalgia for a seemingly simpler time, Clapper admitted.
"Sometimes, it makes me long for the halcyon days of the Cold War," he said, when the world essentially had two communication networks — one for the West, one for the Soviet bloc. "But now we're all interconnected and we're all global.
"Our task is to define the bad actors," Clapper added. "We're looking for thousands of needles, scattered among acres and acres of haystacks."
- 12 Computer-Security Mistakes You're Probably Making
- 7 Scariest Security Threats Headed Your Way
- Best PC Antivirus Software