US intel chief: Cybersecurity is only getting harder
Martin Matishak June 6, 2022

US intel chief: Cybersecurity is only getting harder

US intel chief: Cybersecurity is only getting harder

San Francisco — Innovation by cyber adversaries and within the commercial spyware sector are among the key aspects making digital security increasingly difficult for the U.S. intelligence community to effectively manage, the nation’s spy chief said Monday.

“I think cybersecurity is getting harder,” Director of National Intelligence Avril Haines said during a keynote address at the RSA Conference.

The somber assessment comes as the federal government and the private sector remain on a heightened state of alert about online attacks spiraling out of Russia’s invasion of Ukraine and the ever–present threat of digital piracy or assault by China and other malicious actors.

Haines admitted that the U.S. has “not figured out how to prevent intrusions of even sophisticated networks… That is a challenge I think that we’re going to live with and the reality is we are from an intelligence community perspective.”

She specifically cited the increased commercial availability of sophisticated offensive tools that “make it harder for us to manage and it makes it easier for other actors to basically obtain tools that then allow them to engage in pretty sophisticated attacks in a variety of ways.”

In addition to the threats posed by longtime antagonists, such as North Korea and Iran, the spy community is watching transnational criminal organizations expand their operations — especially ransomware attacks.

Another aspect of cybersecurity that is proving more challenging is increased tension between intelligence gathering and privacy and civil liberties online, according to Haines.

The Covid-19 pandemic is a “perfect example of where so much more data about us in our daily lives” became available via contact tracing and other medical developments. That information could then be used by data brokers, she added.

The spy master also said the intelligence community has yet to grasp so-called “lessons learned” from Moscow’s invasion of Ukraine with respect to cybersecurity.

“We don’t yet know just because the conflict, obviously, continues. There’s still further chapters to be revealed on how this develops,” she told the audience.

Haines suggested that one potential takeaway was the boosted information-sharing that occurred late last year in the run-up to the now months-long conflict.

“We sort of encountered a fair amount of skepticism among folks” at first, she said.

As a result, President Joe Biden urged intelligence officials to “go out and share as much as you possibly can and ensure folks see what it is that you’re seeing.”

“We did a lot of sharing in this space with partners and allies, and we learned a lot from them in that process,” Haines said.

Martin is a senior cybersecurity reporter for The Record. He spent the last five years at Politico, where he covered Congress, the Pentagon and the U.S. intelligence community and was a driving force behind the publication's cybersecurity newsletter.