The Next Wave of Cyberattacks Won’t Steal Data — They’ll Change It

Director of National Intelligence James Clapper, right, with CIA Director John Brennan, left, testifies on Capitol Hill in Washington, Thursday, Sept. 10, 2015, before the House Intelligence Committee hearing on cyber threats.

AP Photo/Pablo Martinez Monsivais

AA Font size + Print

Director of National Intelligence James Clapper, right, with CIA Director John Brennan, left, testifies on Capitol Hill in Washington, Thursday, Sept. 10, 2015, before the House Intelligence Committee hearing on cyber threats.

America’s intelligence chiefs say data that goes missing may become the least of our cyber worries.

The big attacks that have been disclosed so far in 2015 involved the theft of data, and a lot of it. Some 21 million personnel records were taken from the Office of Personnel Management, likely by China, while 4,000 records, some with “sensitive” information, were stolen from the Joint Chiefs civilian email system, a theft blamed on Russia.

But America’s top spies say the attacks that worry them don’t involve the theft of data, but the direct manipulation of it, changing perceptions of what is real and what is not.

Director of National Intelligence James Clapper spelled out his concerns in written testimony presented to the House Subcommittee on Intelligence today.

“Most of the public discussion regarding cyber threats has focused on the confidentiality and availability of information; cyber espionage undermines confidentiality, whereas denial of service operations and data deletion attacks undermine availability,” he wrote. “In the future, however, we might also see more cyber operations that will change or manipulate electronic information in order to compromise its integrity (i.e., accuracy and reliability) instead of deleting it or disrupting access to it.”

The bottom line, Clapper says: “Decision making by senior government officials (civilian and military), corporate executives, investors, or others will be impaired if they cannot trust the information they are receiving.”

NSA Director Admiral Michael Rogers also testified, singling out “the use of cyber for manipulative, destructive purposes” as a rising and unacceptable threat.

What sort of information might hackers manipulate for some sort of tactical or strategic effect? Data that affects critical infrastructure is a good bet. Between 2010 and 2015, hackers penetrated Energy Department networks 159 times, according to records obtained by USA Today through a Freedom of Information Act Request.

And what is Congress doing about it? The long-debated Cybersecurity Information Sharing Act of 2015, currently in the Senate Intelligence Committee, is supposed to help by encouraging companies to send the government information related to network attacks, data theft, loss, manipulation, etc. The Department of Homeland Security, or DHS, would be in charge of coordinating that information and then sending it to the FBI, the NSA, or other agencies or parties as appropriate.

But Committee Chairman David Nunes, R-Calif., wondered whether DHS could do that effectively. He noted that the department’s Protected Critical Infrastructure Information Program had not been audited since 2006. “This raises serious questions about an Agency that many government representatives believe should be at the heart of our cybersecurity strategy.” Nunes said.

Last year, DHS accidently released more than 800 pages related to critical infrastructure when it bungled an open records request.

Clapper also said Russia’s Ministry of Defense is establishing its own cyber command, “which according to senior Russian military officials will be responsible for conducting offensive cyber activities.”

At one point, Jeff Miller, R-Fla., asked Clapper whether Russia might give cyber capabilities to Iran, which staged a successful cyber-physical attack on Saudi Arabian oil company Aramco in 2012. Clapper said that the question was “best left to closed discussion.”

Said Rogers: “We have not seen Iran step back from the use of cyber as a tool…to achieve a broader set of national objectives.”

Close [ x ] More from DefenseOne

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • Military Readiness: Ensuring Readiness with Analytic Insight

    To determine military readiness, decision makers in defense organizations must develop an understanding of complex inter-relationships among readiness variables. For example, how will an anticipated change in a readiness input really impact readiness at the unit level and, equally important, how will it impact readiness outside of the unit? Learn how to form a more sophisticated and accurate understanding of readiness and make decisions in a timely and cost-effective manner.

  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Information Operations: Retaking the High Ground

    Today's threats are fluent in rapidly evolving areas of the Internet, especially social media. Learn how military organizations can secure an advantage in this developing arena.


When you download a report, your information may be shared with the underwriters of that document.