While the intelligence community has uncovered evidence of Chinese penetration of U.S. banking networks, Joel Brenner, national counterintelligence executive, said he's not worried "that the Chinese government wants to bring down our banking system."
Why not? The answer is simple, he said in a transcript of an April 3 speech released today. The Chinese won't hack the U.S. banking system, Brenner said, because "they have too much money invested here."
In his speech, which he gave the speech at the Applied Research Laboratories at the University of Texas in Austin, Brenner also acknowledged news reports that China has poked around in the networks that control the U.S. electric power grid, as well as air traffic control systems' water supply. He said he worries about penetration of those systems, but doubts that today China would take any action. If there was a "dust-up over Taiwan, the answer might be different," Brenner said.
He said Chinese probes of U.S. federal and commercial networks are so relentless and obvious "they don't seem to care about getting caught."
Brenner said he was more concerned about "attacks we don't see" and delivered a backhanded compliment to Russia, which he said is "very good" at sneakier cyber probes than China.
COMMENTS
First, if I never read "be afraid, be very afraid" again that would be fine by me. Secondly, Brenner's quotes are only partial sentences and that is important. The meaning he conveyed in his comments is not available since his entire comments are not quoted.
RocketMan 04/20/09 12:48 pm ET
If you can hack our systems, you can gather information about individuals which can then be used for espionage. And these are "our" experts. Be afraid! Be very afraid!
Robert Chick 04/20/09 08:50 am ET
What a line of bull. We should not be worried because they have some investments/? What!
This guy has to be on looney pills?
Planting code in major infrastructure systems in the US is a long term goal that can be activated if and when a conflict arises between the United States and China.
With guys like Joel Brenner on watch we will go down hard if the decide to activate their malicious code in time of crisis.
Joel Brenner should be fired after making these statemens.
john 04/17/09 08:26 am ET
CISO should leverage this time of opprtunity and intrigue to revitalize patch & vulnerability management programs, reaffirm acceptable use policies, educate users, and implemenent systems-wide configuration monitoring.
CIO should focus on accountability for results.. -to modify employee, system owner, and vendor behavior.
David 04/16/09 11:10 pm ET
I don't know whether it is the headline or the substance of the story which concerns me the most. As a former federal CIO who was responsible for securing the IT assets of two large federal departments a story like this often has the unintended effect of setting back the efforts of CISO and CIO communities. It is a very difficult job each year to convince senior business management at federal agencies to spend tens or hundreds of millions of dollars on maintaining and improving cybersecurity. It is one of those "sales" that sounds like this, "spend millions of dollars each year on cybersecurity and the likelihood of something bad happening to us will be less". Now someone in authority appears to be saying "no big deal if the Chinese or Russians muck about in or networks". I don't know if this is actually what he said or whether this is how it is being reported but this is a disservice to this community.
Ed Meagher 04/16/09 01:08 pm ET
If Japan had the ability to take down the U.S. financial and energy grid systems in 1941, they would obviously have used it in conjunction with their military attack on Pearl Harbor. Such a strategy would probably have resulted in the destruction of the U.S. military-industrial complex at the time. Mr. Brenner's opinion (which reflects a community-wide blindness to the threat) provides an excellent insight into how vulnerable America has become to asymmetric warfare. We simply ignore the lessons of history to our great misfortune.
Spartacus 04/16/09 11:47 am ET
Why worry about getting caught when the objective is to have the ability to shut us down on all fronts? Power, Money, Government, the list is endless, and it could all be accomplished in an e-second.
woody 04/16/09 10:08 am ET