National Security Agency and U.S. Cyber Command head Adm. Michael Rogers warned lawmakers during a congressional briefing this week that the U.S. would suffer a severe cyberattack against critical infrastructure like power or fuel grids in the not-too-distant future.
“I fully expect that during my time as a commander, we are going to be tasked with defending critical infrastructure in the United States,” Rogers said while citing findings from an October Pew Research Center report. “It’s only a matter of the when, not the if, that we’re going to see something dramatic… I bet it happens before 2025.”
Rogers told the House Intelligence Committee Thursday he expected the attack to occur during his tenure as head of NSA the U.S. military’s cyber-war branch, and that it would likely come from state-sponsored hackers with ties to China, Russia or several other countries, many of whom have already successfully breached the systems of critical U.S. industries.
“There are multiple nation-states that have the capability and have been on the systems,” Rogers told the committee, adding that many were engaged in “reconnaissance” activities to surveil “specific schematics of most of our control systems.”
“There shouldn’t be any doubt in our minds that there are nation-states and groups out there that have the capability… to shut down, forestall our ability to operate our basic infrastructure, whether it’s generating power across this nation, whether it’s moving water and fuel,” Rogers said, warning China and “one or two others” had already broken into the U.S. power grid.
Rogers also predicted that in the coming years, cyber criminals previously engaged in stealing bank, credit card and other financial data would start to be co-opted by nation-states to act as “surrogates,” obscuring countries’ fingerprints in the infiltration and theft of information valuable to planning attacks.
The admiral added that such criminal groups, which are often Russian-speaking, have already been using state-developed cyber tools. (RELATED: NSA Considered Dropping Phone Records Program Years Before Snowden Leak)
The U.S. Senate voted down consideration of a bill on Tuesday that would have reigned in the NSA’s powers to conduct domestic surveillance, upping the legal hurdles for certain types of spying Rogers repeated Thursday he was largely uninterested in. (RELATED: Senate Sinks NSA Reform)
“I don’t want people’s personal data. Names, addresses — that’s none of the kind of thing we’re talking about,” Rogers said, adding the bulk collection of such data only slows the agency down because of legal provisions meant to safeguard American citizens’ privacy. The NSA director also claimed the agency was not monitoring private-sector networks. (RELATED: This Legal Loophole Could Let NSA Spy On Americans Long After The Patriot Act Expires)