Watch the full video of this session
Speaking at the Washington Ideas Forum at the Newseum in Washington, D.C., former Director of National Intelligence and Director of the National Security Agency Mike McConnell said that the U.S. is unprepared for a cyberattack and must overhaul its defenses.
"The
warnings are over. It could happen tomorrow," he said of a large-scale
cyberattack against the U.S., which could impact the global
economy "an order of magnitude surpassing" the attacks of September 11.
McConnell, in a panel with Bush administration Homeland Security Adviser
Fran Townsend and Washingtonian reporter Shane Harris, called
cybersecurity "the wolf at the door."
McConnell and Townsend both
argued that the U.S. should overhaul how it defends against
cyberattacks. Townsend warned that U.S. intelligence and security
agencies lack the organizational ability and authorization to prevent
and respond to cybersecurity threats.
While the Department of Homeland
Security is currently tasked with domestic cybersecurity, "The real
capability in this government is in the National Security Agency," she
said. The NSA is legally forbidden from spying on Americans. "Those laws
haven't kept apace with technology and the threats," Townsend warned.
"The bad guys had gotten an edge because the laws hadn't kept up." As
Harris documents in his book, "The Watchers: The Rise of America's Surveillance State," the NSA has pushed against the limits of laws against domestic spying.
Townsend and McConnell said that the NSA should be given greater authority to operate domestically. Harris countered that "there is a long history of suspicion, and well founded on the part of the American public" of expanding government authority "in the name of national security." When asked how to expand the already substantial surveillance state without overstepping, Townsend said that the Obama administration should "have the debate about surveillance law" now, rather than waiting until after an attack. That way, the conversation could be proactive and transparent, rather than reactive and secretive. In the days immediately after 9/11, the Bush administration rushed through a wide swathe of national security overhauls because they felt a second attack was impending and they did not have time for a full and public debate, which would have been difficult anyway without revealing classified information about the still-fresh attacks. Many of those changes took years to untangle. Townsend said that having a cybersecurity debate before a crisis occurs could avoid the mistakes of the Bush administration.
When asked why cybersecurity is such a difficult issue, McConnell explained that all it would take is "a very small group with a very small cost of entry" to wreak havoc by finding and exploiting vulnerabilities. Attacking is easy, but "the greater challenge is defending ones and zeros." Townsend added, "We can set all the rules we want, but the Internet is a world wide thing."
Towards the end of the discussion, McConnell, who as the Director of National Intelligence was the top spy official in the U.S., made a very unusual suggestion. He said that any American should be granted security clearance as long as they have a "clean record" and are willing to "take an oath." He asked, to some laughter, "Why not?"
