WASHINGTON –
Good cyber hygiene, which includes things like regularly changing passwords or applying software security patches, plays an outsized role in preventing America's adversaries from hacking into and crippling U.S. infrastructure systems, such as power, water or gas.
On Capitol Hill May 2, Director of National Intelligence Avril D. Haines told members of the Senate Armed Services Committee that in many cases where it's been evident that U.S. adversaries have demonstrated an ability to hack into U.S. infrastructure systems, good cyber hygiene would have prevented it.
"This year, cyber actors are attacking U.S. industrial control systems, which are typically used to automate industrial processes, at record levels," Haines said.
Critical infrastructure sectors — including water, wastewater, food, agriculture, defense, energy and transportation —rely on these kinds of systems, she said.
"Although the likelihood of any single attack having a widespread effect on interrupting critical services remains low, the increased number of attacks and the actors' willingness to access and manipulate these control systems increases the collective odds that at least one could have a more significant impact," Haines said.
The owners and maintainers of these systems play a role in their vulnerability to cyberattack by American adversaries, Haines told lawmakers.
"In virtually all the attacks we've seen against U.S. critical infrastructure, cyber actors took advantage of default or weak passwords; unpatched, known vulnerabilities; and poorly secured network connections to launch relatively simple attacks," she said. "And for this reason, it is crucial that all of us — particularly critical infrastructure owners and operators — improve our cybersecurity practices to reduce our vulnerability to such efforts."
According to Haines, the number of ransomware attacks globally went up by as much as 74% in the last year.
Air Force Lt. Gen. Jeffrey A. Kruse, director of the Defense Intelligence Agency, told senators that the need to protect DIA networks from cyberattacks by a wide range of actors, including foreign intelligence entities and insider threats, remains a primary concern for DIA.
"This includes not only the sophisticated capabilities of state actors, such as Russia and China, but also rogue cyber actors loosely aligned to governments," he said. "In addition to ... the growing threat to critical infrastructure in local governments, this threat directly endangers our defense industrial capabilities, our hard-won technological and military advantages, our allies and partners, and our future defense operations. We must partner, invest and integrate in new ways to secure what we value and safeguard: the assured resiliency of our networks, the data and the people."