Director of National Intelligence Dan Coats warned at the Aspen Security Forum on Thursday that he fears a “cyber 9/11” or terrorist use of weapon of mass destruction that could inflict 100 times the casualties seen on Sept. 11, 2001.
The previous week, Coats declared in a speech at the Hudson Institute in D.C. that, like before 9/11, “the warning lights are blinking red again” as “the digital infrastructure that serves this country is literally under attack.”
Coats told the Aspen forum that Russia is “by far” the greatest aggressor on this front.
“It means we’re under attack in many, many ways. Our financial institutions, our critical infrastructure, our industries. In many ways,” he said. “The plus side of what the interconnectedness of the world through the Internet, all the revolutionary things that have been incredibly impactful in terms of moving us forward, we’re now learning about the dark side, and it’s pretty ugly. What we see every day against our institutions, against our military, against our financial services, against our critical infrastructure, stretching from those who have major capabilities of doing this, starting with Russia, including China maybe for a different purpose of stealing our innovations.”
China’s intent, the DNI said he believes, “is different than the Russians.”
“Add Iran into that. Add ISIS into that. Here we thought — we first learned about ISIS when they started slicing off heads. We identified ISIS as a 7th Century barbarism that was just totally unacceptable. Where did this come from? Where did this theology come from?” Coats continued. “At the same time they were slicing off heads, they were operating a sophisticated cyber program to reach out to recruit people, to give them instructions, inspire them to take acts to join this movement, this jihadist movement, through some very capable ways of using cyber, sophisticated ways.”
“You see the danger that cyber can provide if you do it in nefarious ways. We see that. It’s everything from a sophisticated nation with a lot of capabilities to rogue states, to criminal organizations, to a kid sitting in his dorm room, that can wreak havoc on our economy, wreak havoc on our country, on our critical infrastructure. We are throwing everything we have at it to prevent that from happening, but it has become, in my mind and what I stated in the threat assessments, up there at the top. We need to understand that.”
Coats said he is “worried about a complacency, oh, you know, every day you hear 120 million people’s names have been snatched from Equifax or this or that or whatever.”
“Yeah, yeah, OK. And they probably got stuff from you through your phone. You should be changing your password every week. ‘Oh, I’m not going to do that. I can’t remember my password anyway, etc., etc.’ There’s a complacency and acceptance of what’s happening out there,” he added. “This is just what it is, this is just the result of it. I’m concerned about — you know, you say ‘what are worried about at night?’ I’m concerned about a cyber 911.”
Asked what a cyber 9/11 would look like, Coats explained, “Let’s say you shut down Wall Street for a week. What does that do to world markets and people’s investments? Let’s say you crash Bank of America or Wells Fargo or whatever, and all of a sudden people are saying, ‘Hey, wait a minute, what happened to my account, what happened to my retirement? Oh, we’ll get it back.’ OK. We’ve seen this and we’ve seen coverage of that. We haven’t seen the big one.”
“What about an attack on the electric grid in New England in January that may be sophisticated enough to take it out for three days? How many people will die from minus-degree weather on that? Those are the things that I think you have to try to anticipate,” he said. “What are the capabilities that our adversaries now have if they wanted to use them?”
“…These are things I think, strategically, we have to look forward. Tom Clancy’s Sum of All Fears, when a terrorist group obtains a weapon of mass destruction: If the weapon of mass destruction had been one of those airliners that hit the Twin Towers, we wouldn’t be talking about 3,000 victims, we’d be talking about 300,000 or more. These are the things we have to think about.”
Coats argued that “we can’t rest on our laurels that yes, we collect a lot of information, we know what’s going on.”
“There are people out there playing this game of chess with us in ways that want to take us down, and we have to be better than they,” he said. “That is a huge challenge, which is why I say it’s a whole of government effort that has to take place relative to cyber.”
The director was asked whether the U.S. has detected successful infiltration of critical infrastructure sectors.
“Well, sure. We see — all you have to do is pick up the paper and see who was the latest hack, successful hack,” Coats replied. “There are penetrations in areas from any number of — attribution is one of the problems that we have. You’re not lining up tanks and planes here and can see where the enemy is. You don’t know exactly where it’s coming from… this is something that is broad, and we see it coming from all different sources.”