The top US intelligence official said he was skeptical that a new U.S.-China cyber agreement would slow a growing torrent of cyber attacks on USA computer networks, adding that his approach will be to “trust but verify”. “We’ve agreed that neither the USA or the Chinese government will conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information for commercial advantage”.
There are “differing degrees of confidence” across the intelligence community as to who is to blame, said Clapper.
“Hope springs eternal”, Director of National Intelligence James Clapper told the committee when he was asked if he thought the agreement meant an end to a wave of cyberattacks that’s been attributed to China.
“Speaking of the OPM breaches, let me say a couple words about attribution: it is not a simple process and involves at least three related, but distinct determinations: the geographic point of origin, the identity of the actual perpetrator doing the keystrokes, and the responsibility for directing the act”, Clapper said. “We are not winning the fight in cyberspace”, he said.
The U.S. suspects China of being behind several high profile data breeches, including one at the Office of Personnel Management, which exposed the personal records of 21.5 million government employees and jobseekers.
“There’s a difference between an agreement on paper and having the Chinese government, including the People’s Liberation Army, actually stop conducting and supporting cyber attacks on US companies”.
Robert Work, deputy secretary of defense, agreed. He said the Pentagon was finalizing a broad cyber warfare policy that was supposed to have been shared with Congress over a year ago. Martin Heinrich, D-N.M., noted, a foreign agent who was nabbed trying to steal USA secrets would be kicked out of the country if he or she had diplomatic cover or thrown in jail otherwise.In the OPM breach, he said, the US government seems uncertain about what a proportioned response would look like.The counterintelligence risks of the OPM breach are significant, Clapper said. These costs would vary, he said, but in the case of China likely be in the form of economic sanctions.
Separately, the four-star general leading the US military command that transports troops and cargo told Reuters that he was concerned about cyber attacks on its contractors and industry partners.
This is not the first time Rogers has spoken out about the staggering number of threats facing the U.S.in the cyber realm.