In a hearing before the Senate Intelligence Committee to discuss the public portions of a new national security threat assessment, top intelligence and law enforcement officials said that attacks against financial networks and the critical infrastructure are major threats to the United States’ security. But those threats, as serious as they may be, were not the ones that many of the committee members wanted to discuss. Instead, they were mainly interested in talking about Edward Snowden and the damage his disclosures may have caused to the country and its intelligence-gathering and security capabilities.
The committee, which ostensibly was there to discuss the intelligence community’s latest threat assessment, spent much of the hearing discussing Snowden’s disclosures, the need–or lack thereof–for intelligence reform and whether the leaks of the documents he stole have harmed the country’s security. James Clapper, the director of national intelligence, and Lt. Gen. Michael Flynn, director of the Defense Intelligence Agency, both asserted that Snowden’s leaks have caused serious damage to U.S. security and placed the lives of soldiers and intelligence officers in danger.
Clapper, who has come under fire for his statements to Congress about the NSA’s collection of intelligence on Americans, called Snowden’s actions “the most massive and most damaging theft of intelligence information in our history” and said that the disclosures have caused “profound damage”.
“As a result, we’ve lost critical intelligence sources,” Clapper said during the hearing Wednesday morning. “The intelligence community is going to have less capacity to protect our nation.”
Flynn echoed those sentiments, saying in response to a question that Snowden’s leaks have had serious consequences that may not be felt for years to come.
“This has caused grave damage to our national security,” Flynn said. The true cost, he added, will likely come in the form of “human lives on tomorrow’s battlefields.”
The questions and statements about Snowden’s actions overshadowed some other issues that were raised during the hearing. Sen. Ron Wyden (D-Ore.), a frequent vocal critic of the NSA’s collection programs, used his time toward the beginning of the hearing to ask several pointed questions about domestic surveillance. Specifically, he questioned CIA Director John Brennan about the agency’s activities in the U.S.
“Does the Computer Fraud and Abuse Act apply to the CIA?” Wyden asked, referring to the main U.S. statute that applies to computer crimes.
Brennan said he wasn’t sure and would have to check and get back to Wyden later with an answer. The CIA, like the NSA, is chartered to conduct foreign intelligence operations, not domestic surveillance.
Responding to another question from Sen. Mark Udall (D-NM), who also has been outspoken in his criticism of intelligence methods, about whether the CIA conducts domestic surveillance, Brennan said that the agency follows the law.
The newly published threat assessment from the intelligence community focuses quite a bit of attention on information security issues, especially attacks on financial systems and cyber espionage operations. The report stresses that online crime and intellectual property theft through cyber espionage operations represent serious threats to U.S. security and economic viability.
“Internationally, China also seeks to revise the multi-stakeholder model Internet governance while continuing its expansive worldwide program of network exploitation and intellectual property theft. Iran and North Korea are unpredictable actors in the international arena. Their development of cyber espionage or attack capabilities might be used in an attempt to either provoke or destabilize the United States or its partners. Terrorist organizations have expressed interest in developing offensive cyber capabilities. They continue to use cyberspace for propaganda and influence operations, financial activities, and personnel recruitment,” the report says.
The threat assessment, which also includes discussion of the major physical threats to the U.S., doesn’t go into much in the way of specifics, but says that attacks on critical infrastructure networks represent a serious threat.
“Critical infrastructure, particularly the Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems used in water management, oil and gas pipelines, electrical power distribution, and mass transit, provides an enticing target to malicious actors. Although newer architectures provide flexibility, functionality, and resilience, large segments of legacy architecture remain vulnerable to attack, which might cause significant economic or human impact,” the report says.
Photo from Flickr images of John D. Rockefeller.