James Clapper, Director of National Intelligence (DNI), reiterated on Tuesday that cybersecurity is the top national threat in hearings on the Intelligence Community’s (IC) Worldwide Threat Assessment.

“The consequences of innovation and increased reliance on information technology in the next few years on both our society’s way of life in general and how we in the Intelligence Community specifically perform our mission will probably be far greater in scope and impact than ever,” Clapper said in a written statement at hearings of the Senate Armed Services Committee and Intelligence Committee, both held on Tuesday.

Director of National Intelligence James Clapper. Photo: ODNI.
Director of National Intelligence James Clapper. Photo: ODNI.

Clapper last week identified cyber issues as the greatest threat to national security since 2013 in a speech at the U.S. Naval Academy (Defense Daily, Feb. 5).

Although information technology (IT) developments pose challenges for cyber defenses and operational tradecraft, they are also creating new opportunities to collect intelligence, he said Tuesday.

Echoing the message of a Harvard report downplaying law enforcement encryption worries (Defense Daily, Feb. 2), Clapper highlighted four IT developments that will be increasingly important in the future: the Internet of Things (IoT), Artificial Intelligence (AI), foreign data science, and augmented reality (AR) and virtual reality (VR).

IoT encompasses devices not previously connected to the internet becoming networked. They are being developed for convenience, improved efficiency, and energy conservation, but “security industry analysts have demonstrated that many of these new systems can threaten data privacy, data integrity, or continuity of services,” Clapper said.

He noted that in the future intelligence services may use IoT resources to identify, surveil, monitor, location track, target for recruitment, or to gain access to networks/user credentials.

AI developments have several implications, including risks of increased vulnerability to cyberattack, difficulty in attribution, facilitation of advances in foreign weapon and intelligence systems, accident risk and liability issues, and unemployment. Clapper said this includes a range of AI systems, from “narrow AI” which are systems that execute specialized tasks like speech recognition, to “general AI,” which seeks to eventually replicate aspects of human cognition.

“The increased reliance on AI for autonomous decisionmaking is creating new vulnerabilities to cyberattacks and influence operations. As we have already seen, false data and unanticipated algorithm behaviors have caused significant fluctuations in the stock market because of the reliance on automated trading of financial instruments,” Clapper said.

Despite increased efficiency and performance gains from AI usage as well as potential cybersecurity benefits from automated computer network defense, such systems are susceptible to a range of disruptive and deceptive tactics that may be difficult to anticipate or quickly understand, Clapper said.

“Efforts to mislead or compromise automated systems might create or enable further opportunities to disrupt or damage critical infrastructure or national security networks,” he said.

Clapper noted the field of foreign data science is becoming increasingly mature. This allows other countries to purchase access to published U.S. research through aggregated publication indices, while also collecting social media and patent data for their own indices.

The DNI also explained the cyber threat coming from leading actors.

Russia is assuming a more assertive cyber posture based on a willingness to target critical infrastructure systems and conduct espionage operations even when detected and under higher public scrutiny, Clapper said.

“Russian cyber operations are likely to target U.S. interests to support several strategic objectives: intelligence gathering to support Russian decisionmaking in the Ukraine and Syrian crises, influence operations to support military and political objectives, and continuing preparation of the cyber environment for future contingencies.”

China also continues to successfully engage in cyber espionage against the U.S. government, allies, and industry, Clapper said.

The DNI said that the IC will continue to monitor the country’s compliance with its September 2015 commitment to refrain from conducting /supporting cyber-enabled theft of intellectual property (Defense Daily, Sept. 25, 2015). “Whether China’s commitment of last September moderates its economic espionage remains to be seen,” Clapper said at the hearing.

Iran and North Korea were both mentioned as the next threats, continuing to use cyber espionage and attacks to support their respective political objectives. Clapper noted South Korean officials have concluded North Korea probably compromised and disclosed data from a South Korean nuclear plant.

Finally, terrorists and criminals continue to use the Internet for their goals, Clapper said. Terrorists use it to organize, recruit, spread propaganda, collect intelligence, raise funds, coordinate operations, and ISIL attempts to spur “lone-wolf” attacks. Criminals continue to develop and use cyber tools to steal, extort, and facilitate other illegal goals. “Criminal tools and malware are increasingly being discovered on state and local government networks.”