Multiple nation-states are investing in their capabilities to hack critical U.S. infrastructure, making defense of those networks a top priority, U.S. National Security Agency chief Admiral Mike Rogers said Thursday.Attackers are seeking detailed information on how industrial control systems work, including obtaining engineering schematics and information on how such systems are configured, said Rogers, who spoke before the U.S. House of Representatives Permanent Select Committee on Intelligence.Such information could allow hackers to shut down “very segmented, very tailored” parts of networks, such as turning off power turbines, Rogers said.Industrial control systems are “big growth areas of vulnerability and action that we are going to see in the coming 12 months and it’s among the things that concern me the most.” Rogers said. “This will be truly destructive if someone decides that’s what they want to do.” One or two nations besides China possess the capability to damage U.S. infrastructure, although Rogers said specific information on which countries is classified.China and Russia are generally cited as nations with advanced cyberwarfare capabilities. The U.S. has stepped up its evaluation of critical infrastructure in the light of growing threats, focusing on 16 sectors as being critically important, including the power, aviation, financial and water industries. There is a need for a set of rules to be applied to cyberspace, similar to laws governing warfare, Rogers said. Now, there is a “sense of risk” among nation states, groups and individuals that can easily acquire the ability to conduct cyberattacks, which could result in a loss of life.“You can just do literally almost anything you want, and there isn’t a price to pay for it,” Rogers said.The U.S. is seeing a trend in criminal groups, who have been motivated in the past by stealing information for profit, using some of the same attack tools used by nation-states, Rogers said.The government believes that nation-states are trying to obscure their activity by using criminal gangs as surrogates to conduct cyberattacks. “That’s a troubling development for us,” he said.He called for greater machine-to-machine sharing of information between private companies and the government in order to allow for a better defense.Roger cautioned that the NSA, which has endured criticism for vast data collection programs revealed by its former contractor Edward Snowden, wants a public discussion on what kinds of data would be exchanged. “This is about computer network defense, not about intelligence — totally different missions, with totally different objectives,” Rogers said. “I don’t want people’s personal data.”Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk Related content news Okta launches Cybersecurity Workforce Development Initiative New philanthropic and educational grants aim to advance inclusive pathways into cybersecurity and technology careers. By Michael Hill Oct 04, 2023 3 mins IT Skills Careers Security news New critical AI vulnerabilities in TorchServe put thousands of AI models at risk The vulnerabilities can completely compromise the AI infrastructure of the world’s biggest businesses, Oligo Security said. By Shweta Sharma Oct 04, 2023 4 mins Vulnerabilities news ChatGPT “not a reliable” tool for detecting vulnerabilities in developed code NCC Group report claims machine learning models show strong promise in detecting novel zero-day attacks. By Michael Hill Oct 04, 2023 3 mins DevSecOps Generative AI Vulnerabilities news Google Chrome zero-day jumps onto CISA's known vulnerability list A serious security flaw in Google Chrome, which was discovered under active exploitation in the wild, is a new addition to the Cybersecurity and Infrastructure Agency’s Known Exploited vulnerabilities catalog. By Jon Gold Oct 03, 2023 3 mins Zero-day vulnerability Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe