Contrary to much of the fear-mongering that has been spreading through the nation’s capital on cybersecurity matters lately, the director of national intelligence bucked that trend on Tuesday when he told a senate committee that there was little chance of a major cyberattack against critical infrastructure in the next two years.
DNI James Clapper was a singular voice of reason when he told the Senate Select Committee on Intelligence that lack of skills on the part of most attackers and the ability to override attacks on critical infrastructure with manual controls would make such attacks unfeasible in the near future. He also said that nation states that might have the skills to pull off such an attack lack the motive at this point.
“We judge that there is a remote chance of a major cyber attack against U.S. critical infrastructure systems during the next two years that would result in long-term, wide-scale disruption of services, such as a regional power outage,” Clapper said in his statement to the committee. “The level of technical expertise and operational sophistication required for such an attack — including the ability to create physical damage or overcome mitigation factors like manual overrides — will be out of reach for most actors during this time frame. Advanced cyber actors — such as Russia and China — are unlikely to launch such a devastating attack against the United States outside of a military conflict or crisis that they believe threatens their vital interests.”