General says detection deters major cyberattacks

RICHARD LARDNER Associated Press Published:

WASHINGTON (AP) -- Foreign leaders are deterred from launching a major electronic attack on vital infrastructure in the United States because they know such a strike could be traced to its source and would generate a robust response, the military's top cyber warrior said during congressional testimony Tuesday.

But Army Gen. Keith Alexander, head of U.S. Cyber Command, told the Senate Armed Services Committee Tuesday the country is not preventing what he called low-level harassment of private and public web sites, property and information by other states. He did not mention any specific countries, even though the Obama administration is escalating its criticism of cyber thefts by China that have become intolerable to the international community.

Offensive cyber weapons are growing and evolving, Alexander said, and it is only a matter of time before tools developed by other nations wind up in the hands of extremist groups or even individuals who could cause serious damage and disruption to U.S. networks.

Alexander urged lawmakers to pass cybersecurity legislation that would that would make it easier for the government and the private sector, which controls critical infrastructure such as the electronic grid, banking systems and water treatment systems, to share information about who is getting hacked and what to do about it.

The general also told the committee that there needs to be a consensus on how the nation protects critical infrastructure and what role the Defense Department would play in blocking and responding to a serious attack if one occurred.

Alexander said the private sector maintains varying degrees of security over its computer systems. The financial industry typically is more secure than companies that operate the electric grid. Still, he said, banks are vulnerable to being disrupted by what are called denial of service attacks, a technique that works by overloading a website with traffic.

Alexander's testimony comes a day after President Barack Obama's national security adviser called for "serious steps" by China to stop cyber theft that has become intolerable to the international community.

The remarks on Monday by Tom Donilon before the Asia Society in New York underscore the growing concern in Washington over the security risks posed by cyber thefts and intrusions and the economic costs to U.S. businesses.

American companies are being more vocal about cyber theft emanating from China "on a very large scale." He said Beijing "should take serious steps to investigate and put a stop to these activities" and recognize the risk to international trade and to U.S.-China relations.

The Obama administration last month announced new efforts, including a new diplomatic push to discourage intellectual property theft abroad, to fight the growing theft of American trade secrets following the release of a report that linked China's military to the electronic theft of corporate trade secrets and U.S. government data.

After analyzing breaches that compromised more than 140 companies, the private security firm Mandiant has concluded that they can be linked to the People's Liberation Army's Unit 61398, a secret Chinese military organization based in Shanghai.

The Chinese government denied being involved in cybertheft, with China's defense minister calling the Mandiant report deeply flawed. China's Foreign Ministry said that country has also been a victim of hacking, much of it traced to the United States.