U.S. networks, including the electric grid, are less threatened by cyber attacks from nation-states than from damage inflicted by rogue entities such as web activists, former CIA and NSA Director Michael Hayden said today. And although China is a major cyber threat from an economic perspective, it does not seem a likely source of destruction to U.S. networks.
"Without question the country that is out there stealing most of our stuff is China," Hayden said at a Bipartisan Policy Center conference on protecting the electric grid from cyber threats. "There is evidence that they are out there on SCADA networks as well as just penetrating networks just to steal our stuff."
But, Hayden said, "frankly I find it hard to imagine circumstances where China would want to do something incredibly destructive to any American network, the grid, absent a far more problematic international environment in which the cyber attack itself is part of a larger package of really, really bad things."
The real threat to the grid and other networks may not be nation-states such as China or criminals out to make a buck but unpredictable rogue players, including terrorist groups and web transparency activists. "Sooner or later governments can be held to account. Fundamentally criminals want to make money and they enter into a symbiotic relation with the host," Hayden said.
Those loosely defined players, though, are "beginning to acquire capacities that a year or two or three ago we equated with the more competent groups" and their "demands may be unsatisfiable," according to Hayden. "This is going to get worse before it gets better."
The philosophy embedded in the U.S. Constitution makes it hard to create adequate cyber defenses because "we have not yet created a consensus as to what we want our government to do..or what we will let our government do," Hayden said. "I’m willing to accept the proposition that forever the United States will have one of the least well-defended networks on this planet because of James Madison and Alexander Hamilton and all of those good folks who wrote the Federalist papers."
Addressing the revelations flowing from the leaks of former NSA contractor Edward Snowden, Hayden said that the ensuing fears of an overly aggressive government will "freeze" the government's ability to protect private industry and that private industry must learn to protect itself. "The next sound you hear will not be a bugle and the sound of pounding hoofs as the federal cavalry comes over the ridge line to your rescue," he said. "To the degree that you never expected it down here in the physical domain, you are responsible for your safety in the digital domain personally and corporately."
The federal government, though, needs to step up its cybersecurity efforts, particularly in the arena of information sharing, electric industry representatives speaking at the same event said. Speaking of state regulator capabilities for addressing cybersecurity issues, Doug Myers, CIO of Pepco Holdings, said "if the conversation at the state level could be informed by a clear and compelling federal vision…I think would be very helpful."
"The issue has to be addressed at the federal level," Ed Goetz, VP of Corporate and Information Security at Exelon said. "I think the president’s executive order opened the door to this possibility."
However, information sharing works best as a two-way street, Scott Saunders, Information Security Officer at Sacramento Municipal Utility District said. "if we pull together in a more cohesive manner we can provide information back to the government about what is happening to us."