U.S. Isn't Sharing What It Knows on Cyber Risks, Official Says

(Bloomberg) -- The U.S. government has failed to share enough information about cyber threats, including risks to election systems, with federal agencies and states, according to a top Trump administration intelligence official. 

Intelligence agencies are “kicking butt offensively,” but the U.S. needs to be better prepared to defend against future attacks as adversaries constantly learn about “our gaps and weaknesses,’’ William Evanina, director of the National Counterintelligence and Security Center, said Thursday at a conference in Washington.

“We have not done the best job of informing the rest of the government and private sector of what the threat is,’’ Evanina said. But now “we’re doing much better in’’ trying to share information, he added. Evanina’s center is under the Office of the Director of National Intelligence, which held classified briefings with state election officials in Washington last month.

President Donald Trump said this week that “we’ve actually been working very hard on the ’18 election” and that the U.S. would “very strongly” counteract any Russian efforts to interfere. But he has often dismissed the continuing investigations of Russian meddling in the 2016 presidential election as a “witch hunt” aimed at discrediting his victory. Navy Admiral Michael Rogers, the outgoing chief of the National Security Agency and U.S. Cyber Command, told lawmakers last week that Russia hadn’t “paid a price” for its actions.

Evanina also said 90 percent of data breaches that result in information being stolen come from “spear-phishing” attacks that fool people into opening their devices to intrusions.

“As Americans, we have an unbelievable ability not to click a link,’’ he said.

To contact the reporter on this story: Nafeesa Syeed in Washington at nsyeed@bloomberg.net.

To contact the editors responsible for this story: Bill Faries at wfaries@bloomberg.net, Larry Liebert

©2018 Bloomberg L.P.