AUDIE CORNISH, HOST:
Here's a disturbing warning. The kind of cyber-attacks that have recently hit the government and private sector will not only keep happening. They're going to increase. As NPR's David Welna reports, lawmakers heard that warning today, but they didn't hear many solutions.
DAVID WELNA, BYLINE: The heads of the nation's top spy agencies appeared before a rare open hearing of the House Intelligence Committee.
(SOUNDBITE OF ARCHIVED RECORDING)
DEVIN NUNES: The focus of this hearing is cyber-security, or, given the current state of affairs, cyber-insecurity.
WELNA: The panel's chairman, California Republican Devin Nunes, told the officials that public confidence has eroded in their ability to counter high-profile cyber-assaults.
(SOUNDBITE OF ARCHIVED RECORDING)
NUNES: Just this morning, we learned the Department of Energey was successfully hacked 159 times.
WELNA: The nation's top intelligence official readily agreed it's a problem that's only getting worse.
(SOUNDBITE OF ARCHIVED RECORDING)
JAMES CLAPPER: The cyber-threats to U.S. national and economic security have become increasingly diverse, sophisticated and harmful.
WELNA: Director of National Intelligence James Clapper said Americans face cyber-threats not just from major players such as China and Russia, but also from nations with fewer technical capabilities but more nefarious intent, such as Iran and North Korea.
(SOUNDBITE OF ARCHIVED RECORDING)
CLAPPER: And although we must be prepared for a large Armageddon-scale strike that would debilitate the entire U.S. infrastructure, that is not - it's not our belief that that's the most likely scenario. Rather, our primary concern are the low- to moderate-level cyber-attacks from a variety of sources which will continue and probably expand.
WELNA: Utah Republican Chris Stewart suggested that part of the problem may be that the U.S. has not made clear to potential hackers that they'll face consequences for their actions.
(SOUNDBITE OF ARCHIVED RECORDING)
CHRIS STEWART: It seems to me, if we can be more open about how we will respond, that that could act as more of a deterrence. And I'm not sure that we've done a very good job of doing that yet.
WELNA: Intelligence Chief Clapper agreed. A case-in-point - the recent breach at the Office or Personnel Management which exposed the personal data of some 22 million federal employees, contractors and job applicants.
(SOUNDBITE OF ARCHIVED RECORDING)
CLAPPER: This is not a one-off, and we will continue to see this until we create both the substance and the psychology of deterrence.
WELNA: But Connecticut Democrat Jim Himes said the nature of these breaches is not always clear.
(SOUNDBITE OF ARCHIVED RECORDING)
JIM HIMES: Is stealing classified information from us an act of war, or is it just an act of espionage that we do to each other and maybe we even grudgingly admire those who can pull off that kind of espionage?
WELNA: In fact, at a symposium in late June, DNI Clapper had words of praise for China, which he called the leading suspect in the OPM hack.
(SOUNDBITE OF ARCHIVED RECORDING)
CLAPPER: You have to kind of salute the Chinese for what they did, you know? If we had the opportunity to do that, I don't think we'd hesitate for a minute.
WELNA: Today, Clapper argued the U.S. has to be very careful about what kinds of computer intrusions should trigger sanctions.
(SOUNDBITE OF ARCHIVED RECORDING)
CLAPPER: That which is conducted for espionage purposes - I just would caution that we think in the old saw about people living in glass houses. We should think before we throw rocks.
WELNA: It was a tacit acknowledgement that U.S. spy agencies also hack other nations. While the Obama administration did sanction five Chinese military officials last year, that was for alleged economic cyber-spying. As for the OPM hack, no sanctions have been announced so far, and it's not clear whether they will be with Chinese President Xi Jinping due to visit the White House later this month. David Welna, NPR News, Washington. Transcript provided by NPR, Copyright NPR.