House Intelligence Committee Chairman Mike Rogers on Thursday predicted the United States soon will be hit by a major attack on its digital infrastructure.
"Something pretty bad is coming," the Michigan Republican said during a forum in Washington, citing data provided to his panel by senior U.S. intelligence leaders.
U.S. officials, lawmakers and experts have for several years warned that an attack on America's electronic networks could do it significant economic and national security harm by paralyzing the banking system or allowing potential foes to steal military and intelligence data.
James Clapper, director of national intelligence, recently placed cyber security—along with terrorism and the proliferation of the world's most deadly weapons—"at the immediate forefront of our security concerns."
"In the last year, we observed increased breadth and sophistication of computer network operations by both state and non-state actors," Clapper told a Senate panel. "Our technical advancements in detection and attribution shed light on malicious activity, but cyber intruders continue to explore new means to circumvent defensive measures."
Clapper predicts an increase in cyber attacks on U.S. in the next several years. The U.S. government still struggles with detecting such attacks, and with determining when actions are for the purposes of spying or to cripple—or take down—U.S. networks, Clapper said.
"U.S. government engagement with private sector owners and operators of critical infrastructures is essential for mitigating these threats," Clapper said.
The catch? The government and industry have yet to find a way to trade data before and during suspected cyber strikes, as Rogers noted Thursday. One solution, the lawmaker said, might be for the government to be given the authority to inform the private sector when it learns of things like malicious source code that could infect companies' networks.
When it comes to sharing cyber attack data with the private-sector, companies like defense and intelligence firms that routinely do business with government agencies "should be fine," Rogers said. But without a clear policy that includes other key sectors, Rogers said the message for other firms is: "You're on your own."
Check out the latest in-depth defense coverage in the U.S. News Weekly