(CNSNews.com) - The United States lacks a strategy and a policy on cyber-security, even though cyber attacks are "one of the top, if not the number-one threat" facing the nation, Director of National Intelligence Dan Coates told a Senate hearing on Thursday.
Coates said U.S. policymakers need to address the threat of continuing cyber attacks, "but at this particular point in time, frankly, given the proliferation of issues that we're trying to deal with, it's almost overwhelming."
The very real threats to the United States -- discussed at two Senate hearings on Thursday -- were overshadowed by all the media speculation about President Trump's decision to fire FBI Director James Comey.
The Senate intelligence committee hearing room was crowded because so many people wanted to hear what the witnesses, all of them intelligence officials, might say about Comey and/or Trump.
But at the same time Coates and the other intelligence officials were testifying before the Senate intelligence committee, another hearing was taking place before the Senate Armed Services Committee in a room that was empty, as several lawmakers pointed out.
Yet the discussion before the Armed Services Committee focused almost exclusively on threats in cyberspace and the inadequate U.S. ability to deter, discourage and recover from some scary scenarios.
"Glaring gaps in our national cyber policy, strategy and organization undermine our ability to defend the homeland and deter those seeking to undermine our national security in cyberspace," Chairman John McCain (R-Ariz.) told the hearing.
Ranking Member Jack Reed (D-R.I) agreed: The United States must develop the ability to deter cyber attacks, "conduct our own operations of this type," and "bolster the resilience of our society," he said.
Sen. Jeanne Shaheen (D-N.H.) asked three former intelligence and defense officials, “What's the current or potential cyber threat to this country that you all are most concerned about?”
Former CIA Director and Retired Air Force Gen. Michael Hayden said, “There’s always the possibility of the apocalyptic attack, turning out all the lights east of the Mississippi.”
But more likely, Hayden said, is an attack along the lines of what the North Koreans did to Sony North America, only worse.
(In November 2014, Sony’s movie division was hacked by North Korea. The hackers released private and sometimes embarrassing emails of Sony executives, and the attack eventually prompted Sony to pull its upcoming comedy, “The Interview,” about an assassination attempt on Kim Jong Un, after the hackers threatened 9/11-style attacks on theaters that showed the movie.)
On Thursday, Hayden said he worries about a Sony-“plus” attack, “enriched by new technology and more aggressiveness.”
He described a scenario where what happened to Sony could be “done in sequence over multiple firms – I mean, that’s a foreign government attacking a North American firm to coerce its behavior. Wow.”
Retired Navy Adm. James Stavridis, the former commander of the U.S. European Command, said, “I think the grid is very vulnerable.” He recommended boosting “resilience” to a cyber attack that would cut the nation’s electricity supply and distribution.
Former Director of National Intelligence James Clapper told Shaheen, “I worry about the -- the worst case, which is an attack on -- on our infrastructure. And I think the Russians have -- particularly have reconnoitered it. And probably in -- at -- at a time of their choosing, which I don't think, right now, is -- is likely, but I think, if they want it to, could do great harm.”
The Department of Homeland Security describes "critical infrastructure" as the systems -- electric, banking, transportation, health services and more -- that "underpin American society."