NSA Chief: Damaging Cyber-Attack Coming
Rogers Says U.S. Has Plans to Defend Critical InfrastructureThe director of the National Security Agency, Navy Admiral Michael Rogers, says he expects to see adversaries launch a cyber-attack in the next few years aimed at severely damaging America's critical infrastructure.
See Also: Gartner Market Guide for DFIR Retainer Services
"I fully expect that during my time as commander, we're going to be tasked to help defend critical infrastructure within the United States because it is under attack by some foreign nation or some individual or group," Rogers told the House Select Committee on Intelligence on Nov. 20.
Rogers, who also serves as commander of the U.S. Cyber Command, said the government is better prepared to defend against those attacks than it was two years ago. Although he wouldn't provide details at a public hearing, Rogers said he's confident about the processes established to mount a cyber-defense of the nation's critical infrastructure.
Rogers on the composition of NSA/Cyber Command workforce.
"Boy, if I go back two years ago, 18 months, we were spinning our wheels about who was going to do what," Rogers told lawmakers. "But, we're way past that. We got good delineation in the federal government as to who has what responsibilities. We got good, broad agreement as to how we'll go about providing that capability with attacks against critical infrastructure."
Still, executing on the detail of the cyberdefense remains a challenge. "I come from a military culture, and the military culture teaches us: You take those broad concepts and agreements, and you train and you exercise, and you do it over and over," Rogers said. "And that we got to do next."
Attacks Are Looming
Asked about a Pew Research survey released last month in which cybersecurity experts predict a cyber-attack would cause widespread harm to the nation's security by 2025, Rogers said he expects that a digital assault will happen much sooner. "It's only a matter of the when, not the if, that we will see something traumatic," the NSA director said.
Rogers said he sees the 2012 cyber-attack that disabled 30,000 computers of the oil company Saudi Aramco as a precursor to what could occur, noting that hackers have already penetrated key U.S. government and critical infrastructure IT systems to conduct surveillance. Once in a system, he said, the adversaries could turn destructive, if they choose, by shuttering turbines at power plants or disrupting electrical distribution systems, for instance, with a flip of a switch.
Rogers on retaining cybersecurity talent.
Except for China, the cyber commander wouldn't identify specific nation-states that pose a threat to the nation's critical infrastructure, but said some nations are turning to cybercriminal gangs as proxies to attack critical infrastructure to camouflage their nefarious activities in cyberspace.
"I'm watching nation-states attempt to obscure, if you will, their fingerprints, and one of the ways to do that is to use surrogate groups to attempt to execute these things for you," Rogers said. "We're watching criminal actors start to use some of the tools that we've historically seen nation-states using, which suggests to us that increasingly, in some scenarios, we're going to see more linkages between the nation-state and some of these groups. That's a troubling development for us."