Deputy Defense Secretary William Lynn said that while foreign governments and rogue states may try to launch more destructive attacks against military networks, most may stick to theft and spying because they are worried about a U.S. counterattack.
The greater threat, he said, are terror groups such as al-Qaida, who are more difficult to deter. Terrorists have vowed to unleash cyberattacks, and over time may be able to either develop their own malicious computer threats or buy them on the black market.
Lynn's remarks, made at a cybersecurity conference in San Francisco and released in Washington, come as the U.S. government is struggling to ramp up its abilities to block cyberintrusions and to lay out policies for launching the high-tech attacks when needed. U.S. government sites are scanned and attacked millions of times a day, and there have been a number of serious breaches in recent years, including into the electric grid and Pentagon weapons contractors.
In a meeting with reporters after his speech, Lynn declined to specify how many of the 100 foreign intelligence agencies that he says have tried attacks on the U.S. were successful in breaching government defenses, saying that would include classified information. He said the attacks involved espionage, such as seeking weapons design or diplomatic information, and didn't appear to be aimed at causing destruction of physical infrastructure.
The biggest challenge faced by the U.S. as it looks to better gird against attacks, Lynn said, is finding ways to share threat information with private industry - which owns or operates as much as 85 percent of the networks. Those include much of the nation's critical infrastructure, ranging from the electric grid, banking and other financial systems and nuclear power plants.
The idea raises privacy concerns with the prospect of U.S. military or government eyes or ears on private networks.
Lynn said the government's intelligence capabilities give it broad knowledge of cyberthreats, and the U.S. already has shared unclassified information on a limited basis with defense companies that have sensitive data on their networks. The challenge, he said, is developing the policies and legal structure so that classified information about threats can also be shared.
Associated Press writer Jordan Robertson in San Francisco contributed to this report.