FBI Director Christopher Wray said today there are more than 2,000 investigations underway that lead back to the Chinese government, including a 1,300 percent increase in economic espionage cases alone over recent years.
“We’re opening a new investigation into China every 10 hours, and I can assure you it’s not because our folks don’t have anything else to do with their time,” Wray told the Senate Intelligence Committee at its annual global threats hearing.
Wray testified the day after the DoJ revealed a secret FBI cyber operation to remove Chinese malware from US servers.
The hearing comes on the heels of the Office of the Director of National Intelligence release of its 2021 Annual Threat Assessment yesterday. The report — as well as DNI Avril Haines’s opening statement today — are sweeping in scope, ranging from foreign adversaries and cybersecurity to global terrorism and climate change. Today’s hearing focused on threats from China, cybersecurity, and emerging tech, as well as the COVID-19 pandemic and a slew of transnational issues.
Many of the threats highlighted entail a cyber aspect, whether that be foreign adversaries hacking, cyber vulnerabilities in the global supply chain, or adversaries using cyber for illicit financial activities.
Haines specifically noted the “pace, complexity, and impact” these trends are having on a “shifting landscape.”
Following Haines’s opening remarks, committee chair Sen. Mark Warner said, “That was a list of about as many awful things in 10 minutes as I may have heard in recent time.”
ODNI’s report addresses cyber in broad but significant strokes. Foreign adversaries’ increasing use of cyber “raises the prospect of more destructive and disruptive cyber activity. As states attempt more aggressive cyber operations, they are more likely to affect civilian populations.” These civilian populations range from businesses — while obviously alluding to the SolarWinds campaign — to journalists and religious minorities, the report says. The report also highlights the threat to free speech, in general.
“Democracies will continue to debate how to protect privacy and civil liberties as they confront domestic security threats and contend with the perception that free speech may be constrained by major technology companies,” the report observes. This theme — the tension between privacy and civil liberties on the one hand and national security on the other — has been an issue of public debate for years. Concerns over Big Tech’s role in controlling speech is a more recent public debate.
Asked by Sen. Richard Burr if he sought new “legal authorities,” alluding to previous testimony, CYBERCOM and NSA chief Gen. Paul Nakasone said no, as he did before, but reiterated his earlier testimony on US cybersecurity “blind spots.”
As questions began, the focus quickly narrowed to China and emerging tech, as well as the US’s ability to address them.
Warner asked how the US can build capabilities to monitor China and the closely linked threats of emerging tech. Haines said the Intelligence Community is well aware that China is “contesting our leadership” in tech.
CIA Director William Burns noted that two of five CIA directorates are focused on tech and cyber issues, adding that nearly one-third of the CIA workforce is active in addressing emerging tech and cyber.
On China, Wray added, “I don’t think that there is any country which presents a more severe threat to our innovation, economic security, and our democratic ideas, and the tools in their toolbox to influence our businesses, our academic institutions, our governments at all levels are deep and wide and persistent.”
The conversation turned specifically to cybersecurity when Sen. Diane Feinstein asked Nakasone if he thought the US was getting better or worse. “To bluntly answer your question, our adversaries continue to get better at what they’re doing,” Nakasone replied, while adding the US is working across government to improve resiliency and the ability to respond.
Nakasone reiterated prior congressional testimony and speeches in noting that, “As we’ve seen over the past two intrusions [referring to the SolarWinds and Microsoft Exchange server campaigns], the scope, scale, and sophistication of our adversaries today make us take notice.”
Feinstein then asked Nakasone and Wray what advice they would offer the private sector, specifically critical infrastructure operators. “The threat is real,” Nakasone said, adding, “There is no one industry and one sector of our government that’s going to be able to provide us the defense that’s necessary for our nation. This is a team sport. This is really the key piece of our way forward. It’s teamwork.”
Wray noted that 90 percent of US critical infrastructure is owned and operated by the private sector and highlighted “the importance of focusing inwardly to detect and mitigate quickly.” He added, “It’s important to think of cybersecurity not as a single event, but as a campaign. [It’s] no longer a question of if an institution is going to be compromised, but when.”
He then observed the different threat and risk profiles that exist. “In cybersecurity, one company’s left of boom is another’s right of boom.”
The CIA director noted the Biden administration’s plan to withdraw all troops from Afghanistan by Sept. 11 of this year posed a “significant risk” of a rise in terrorism.
In addition to the Afghanistan situation, ISIS and Al-Qaeda remain international threats, but Haines added that their capabilities have been degraded.
Sen. Marco Rubio asked about the origin of COVID-19. “The Intelligence Community does not know exactly where, when, or how the COVID-19 virus was transmitted initially,” Haines said, adding that there are currently two “theories” within the US Intelligence Community: One, that the virus emerged naturally from human contact with animals, or it was a laboratory accident. “That is where we are right now,” Haines said.
Interestingly, Nakasone replied to the COVID origin question unprompted, but his answer was much broader, saying only that NSA is working with partners domestic and foreign to gather and analyze “a series of pieces we’re looking at.”