'Russian cyber threat more sophisticated than others'

A top US intelligence chief has said that Russian cyber threat is much more sophisticated while China has robbed its industrial base information.
"Different cyber actors have different capabilities and different goals when conducting operations in Cyberspace," James R Clapper, Director of National Intelligence said in his remarks at an international cyber discussion at the Fordham University this week.
"Russia for example, has a broad range of highly sophisticated technical and human intelligence capabilities. Moscow's focus goes beyond just taking advantage of common vulnerabilities that can be fixed with a software patch, and in the event of a military conflict or geo-political crisis with Russia, some US critical infrastructure networks will be at risk," he said.

"So the Russian cyber threat is much more sophisticated than the others and we have seen that Iran and North Korea are now unpredictable and aggressive cyber actors who aren't afraid to undertake offensive cyber operations against private sector targets.
But we hear a lot more public discussion of the Chinese, because they, and now the North Koreans, are much noisier," he added.
"China has been robbing our industrial base blindly, largely with vulnerabilities that are easy to guard against or to simply fix. And that's one of the places where we can talk about a government and industry partnership," Clapper said.

In the aftermath of the attack on the Sony Pictures, Clapper asked the private sector to patch IT software obsessively, segment the data, and pay attention to the threat bulletins that DHS and FBI put out.

Clapper said most Chinese cyber intrusions are through well-known vulnerabilities that can be fixed with patches already available.
"A single breach shouldn't give attackers access to an entire network infrastructure and a mother lode of proprietary data," he said.
"The Chinese in particular are cleaning us out, because we know we're supposed to do those simple things, and yet we don't do them, "he said.

So many times, the Chinese and others get access to our systems just by pretending to be someone else and then asking for access, and someone gives it to them," he added.
Clapper alleged that China's primary motivation is to catch up to and then surpass Western industrial and defense capabilities and to eventually pass by the US economy.
"The Chinese are focused on those goals, whereas the recent cyber attack from North Korea, which by the way is the most serious cyber attack ever made against US interests with potentially hundreds-of-millions of dollars and counting in damages, was driven by an entirely different philosophy," he said.