NSA: China thefts could lead to attack
WASHINGTON — Several foreign countries, including China, have infiltrated the computers of critical industries in the United States to steal information that could be used in the planning of a destructive attack, the director of the National Security Agency said Thursday.
That was one of the cyberthreats outlined at a congressional hearing by Adm. Michael Rogers, who also said he expects that criminal gangs may become proxies for nations carrying out attacks on other nations.
“There are multiple nation-states that have the capability and have been on the (industrial) systems,” he said before the House Intelligence Committee.
“We see them attempting to do reconnaissance on our systems” to steal “specific schematics of most of our control systems” down to the engineering details, said Rogers, who also heads U.S. Cyber Command, the Pentagon's cyberoffensive unit.
In the past, U.S. intelligence officials warned that the Chinese had penetrated the electric grid. Now, Rogers has confirmed that “there's probably one or two others” that have also wormed their way in.
“There shouldn't be any doubt in our minds that there are nation-states and groups out there that have the capability ... to shut down, forestall our ability to operate our basic infrastructure, whether it's generating power across this nation, whether it's moving water and fuel,” he said. “Those tend to be the biggest focus areas that we have seen.”
A recent report by Mandiant, a security company, stated that Chinese government hackers have stolen data relating to manufacturing processes from a maker of power systems. Other security researchers say they have found evidence of the Russian government targeting U.S. industrial control systems.
In May, federal prosecutors announced charges against a special Chinese military intelligence unit of hacking into computers and illegally obtaining information from five entities with Pittsburgh ties — Alcoa, Allegheny Technologies Inc., Westinghouse Electric Co., U.S. Steel Corp., and the United Steelworkers union — and a German-owned solar manufacturer in Oregon. An indictment by a Pittsburgh federal grand jury accused five members of the People's Liberation Army of cyber-espionage.
Rogers, who in April became the head of the NSA and of Cyber Command, said that foreign criminal gangs have traditionally hacked into U.S. commercial systems to steal information, such as credit card numbers, that they could sell to generate revenue. He forecast that, in the coming year, “you will start to see ... in many instances some of those criminal gangs not engaging just in the theft of information . . . but also potentially as a surrogate for other groups, other nations” that want to “obscure their fingerprints.”
The gangs, most of which are Russian-speaking, have begun in some cases to use the tools developed by nation-states.
“Cyber hit men for hire,” quipped Rep. Mike Rogers, R-Mich., the committee chairman.
The Cyber Command head said he agreed with a recent Pew Research Center report that found a majority of cyberexperts predicted a catastrophic attack within the United States by 2025. “I fully expect that during my time as a commander, we are going to be tasked with defending critical infrastructure in the