The United States faces almost one significant cyber event per day and faces a “growing variety of advanced threats,” according to National Security Agency Director Mike Rogers.
Testifying before the U.S. Senate’s Armed Forces Committee Tuesday, Rogers said the United States is falling behind when it comes to fighting off cyber-attacks and the country still has no cyber policy.
“The new team is working on that,” he told the committee.
Senator John McCain said he had expressed concerns about the lack of a policy in the past. He said the Trump administration promised to produce a policy within 90 days of the inauguration, “but 90 days have come and gone.”
“Our nation remains woefully unprepared to address these threats,” McCain said.
Russia is widely believed to have been behind a hacking operation last year aimed at influencing the outcome of the U.S. presidential election.
Both the Senate and House intelligence committees along with FBI officials are investigating Russian efforts to influence the election.
China is accused of repeatedly hacking the U.S. government, including one operation in 2015 that saw the theft of more than 20 million government personnel files.
Rogers told the committee he hadn’t seen any recent reductions in the number of Chinese and Russian cyber operations.
“The offensive side in general has the advantage over the defense, which is why the ideas of deterrence are so important,” Rogers said.
With regards to Russia, Rogers said the U.S. needs to “publicly out this behavior” and harden U.S. cyber protections to make it harder for future hacks to succeed. He said it is important for would-be state hackers to know “there is a price to pay” for their actions.
“The goal should be, we want to convince actors you don’t want to do this … It’s not in your best interest,” he said.