Reporter’s Notebook: Lawmakers praise response to Chinese hackers and Blackshades
Discussion of the five Chinese hackers indicted by the Justice Department dominated a joint hearing of the House Homeland Security Subcommittee on Counterterrorism and Intelligence and the Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies today.
The hearing, originally scheduled for May 8, was chaired by Rep. Peter King, R-N.Y., who heads the Subcommittee on Counterterrorism and Intelligence.
In addition to discussion on the Chinese hackers, both King and Rep. Patrick Meehan, R-Pa., who chairs the subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies, addressed the existence and struggles with Blackshades — malware that allows a user to remotely control a computer, enable a webcam and access passwords, keystrokes and other information.
“I am encouraged by the DOJ indictment and the recent law enforcement operation and hope it is a signal of more aggressive U.S. actions to address the cyber threat moving forward,” King said.
But Glenn Lemons, a senior intelligence officer from DHS, said that cyber threats and attacks are increasing in sophistication, seriousness and frequency.
“The persistent threats to the homeland remain data theft and espionage, the complexity of emerging threat capabilities, the inextricable link between physical and cyber domains, and the diversity of cyber actors presenting challenges to DHS and all of our customers,” Lemons said.
The public sector operates less than 15 percent of the country’s critical infrastructure, which increases the importance of communication and information sharing between the public and private sectors, Lemons said.
Joseph Demarest, the assistant director of the FBI’s cyber division, agreed with the need to increase collaboration between the public and private sectors.
“To counter the threats we face, we are engaging in an unprecedented level of collaboration within the U.S. government, with the private sector and with international law enforcement,” Demarest said.
Larry Zelvin, the director of the National Cybersecurity and Communications Integration Center at DHS, praised DHS’ response to the recently discovered Heartbleed vulnerability.
According to Zelvin, NCCIC learned of the vulnerability in early April and released alert and mitigation information less than 24 hours later. DHS proceeded to notify agencies if they had noticed possible activity and provided technical assistance to help to fix the vulnerability.
“Fortunately due to the hard work throughout the federal government, the impact of the Heartbleed [vulnerability] on the .gov domain has been minimal,” Zelvin said. “I am very proud of how the team responded and continues to counter the significant vulnerability, as it serves as another example of how we collaborate with and serve a large community of stakeholders.”
Despite what he considered to be a successful response to the Heartbleed vulnerability, Zelvin said more work can be done to improve the agency’s response to security issues.
“We still can do better and look to the help of the committee to clarify DHS’ authorities so it can better mitigate threats to the .gov and our .com domains closer to when they occur,” Zelvin said.
During the questioning period, King asked the panel whether terrorist organizations were actively targeting the U.S. and whether those groups were coordinating with criminal organizations in order to carry out attacks.
“We do actively watch for terrorist organizations crossing over to the criminal forums that are online today to acquire a skill or talent or tools to perpetrate some greater crime,” Demarest said. But to date the attacks “tend to be low-level,” he said.
Demarest said at the federal government level, through the .gov and .mil domains, agencies are “fairly well-prepared” for a cyberattack. The .com sphere, on the other hand, has varying degrees of preparedness, he said.