Cyberattacks against American interests are likely to continue and grow more damaging, in part because hackers face a low risk of consequences, the director of national intelligence told Congress Thursday.
James Clapper, the nation's top intelligence official, told the House intelligence committee that a muted response to most cyberattacks has created a permissive environment in which hacking can be used as a tool short of war to benefit adversaries and inflict damage on the United States.
"Until such time as we do create both the substance and the mindset of deterrence, this sort of thing is going to continue," Clapper said, speaking specifically about the recently revealed hack of federal personnel information linked to China in which personal data on some 22 million current and former U.S. government employees, contractors, job applicants and relatives was stolen. "We will continue to see this until we create both the substance and the psychology of deterrence."
The administration has yet to act in response to the OPM hack.
Last May, the Justice Department issued criminal indictments against five Chinese military hackers it accused of cyberespionage against U.S. corporations for economic advantage. FBI director James Comey said at the time the spying was to benefit Chinese companies, but he neither named the companies nor took formal action against them.
Clapper said Thursday he is deeply worried that the data will be used to expose or blackmail American intelligence operatives, but he said the U.S. has yet to see any evidence of the data being used in that way.
Clapper discussed cyber threats alongside with CIA director John Brennan, Comey, National Security Agency director Admiral Mike Rogers, and Defense Intelligence Agency chief Lt. Gen. Vincent Stewart.
Russia, China, Iran and North Korea pose the top cyber threats, the officials said. Foreign intelligence services are increasingly gaining access to critical US infrastructure that would allow them to inflict damage, Clapper added.
Explore further: US spymaster warns over low-level cyber attacks