That is the sobering assessment of threats offered by the US Director of National Intelligence, James R. Clapper. In March testimony before a Senate select committee Clapper led off his threat analysis with a discussion of cyber-threats. Only afterwards did he discuss terrorism, weapons of mass destruction, and other concerns that previously dominated US national security thinking.
Physically destructive attacks against vital infrastructure, said Clapper, are unlikely outside of wartime. But non-state militants are capable of launching disruptive attacks against information networks, while state-supported cyber-espionage operations are targeting businesses as well as government agencies.
Clapper's remarks were measured. He did not follow the lurid script sometimes offered by the mass media (and criticized by other sections of that same mass media). While cyber-attacks aimed at wreaking physical havoc against vital infrastructure are possible, said Clapper, such attacks are beyond the capability of terrorist groups. Nor are national states that might be capable of such attacks likely to launch them except in wartime.
Threats aimed at information networks, however, are much more immediate. Cyber-militants in the Middle East have launched attacks against US banks, and succeeded in deleting information from 30,000 oil-industry workstations in Saudi Arabia.
At the same time, cyber-espionage has become a widespread threat. Numerous links point to nation-state security operatives as directly involved in or supporting these operations. In particular, Chinese and Russian intelligence agencies are both believed to be prominent in cyber-espionage activities.
Cyber-espionage operations are being conducted against both US government agencies and American businesses. According to Clapper, US intelligence analysts "assess that highly networked business practices and information technology are providing opportunities for foreign intelligence and security services, trusted insiders, hackers and others to target and collect sensitive U.S. national security and economic data."
The distinction between strategic espionage and industrial espionage has become blurred, with cyber-spies aiming to steal technology that has provided the foundation for both US economic and military advantages.