Cybersecurity expert reveals the biggest threats facing the US

Before you go, we thought you'd like these...
What Are the Greatest Threats to the US?

As defense strategists meet at the Defense Technology Contracting Summit in Washington to discuss how to combat emerging security threats, AOL.com is exploring how new technology can be used to address threats to Americans' safety.

James Andrew Lewis, senior fellow and program director at the Center for Strategic and International Studies, joins AOL.com to explain the biggest cybersecurity threats to the U.S. today.

Lewis previously worked at the Departments of State and Commerce as a Foreign Service officer and as a member of the Senior Executive Service. He's an expert on cybersecurity, and recently released the best-seller "Cybersecurity for the 44th Presidency."

AOL.com: What are the biggest threats facing the U.S. from a cybersecurity perspective?

James A. Lewis: The biggest threats come from four countries: Russia, China, Iran and North Korea. Russian and Chinese hackers steal billions from the U.S. every year. Iran and North Korea are risky because they have used cyber attacks for political coercion against US citizens.

Any of these four could disrupt critical services or data, and while Russia and China are careful, Iran or North Korea could easily make a mistake.

AOL.com​: What are some of the technological developments and inventions that have been developed recently to combat those threats, and what problems are we still actively trying to tackle?

James A. Lewis: The last couple of years have seen a wave of investment in tech start-ups to build cyber security products. They are just starting to reach the market. The most basic improvements could be in making encryption easier to use and making it harder to impersonate online identities. These two things, if people used them, could make a difference.

AOL.com: The Islamic State has become well known for its ability to harness social media for recruiting. Are you concerned about the group possibly posing a serious cybersecurity threat to the U.S.?

James A. Lewis: Groups like ISIS or al-Qaeda threaten cyber attacks every once and a while. They have been doing so for more than ten years and nothing has ever happened. Eventually they may do it, but it's not at the top of their list.

Iran is a different story. It supports groups like Hezbollah and the Syrian Electronic Army and could use these groups as proxies for attacks.

AOL.com: The general public often sees the Middle East as a hotbed of anti-American hostility and a threat to security, but what countries outside that region pose the biggest threat from a cybersecurity perspective?

James A. Lewis: Only Iran. Iran has used cyber attacks against targets in the middle East (the most notorious being against Aramco), against a conservative American casino owner, and has used very basic attacks against U.S. banks. Iran has also probed U.S. energy pipelines looking for places to attack.

AOL.com: In May, an FBI affidavit claimed a security researcher was able to hack into an aircraft through the in-flight entertainment system, causing the plane to drift off course. In the past week Chrysler announced a major recall after a report emerged that its vehicles were hackable. What do we know what's being done to ensure travel safety?

James A. Lewis: Companies are much more aware of the risks that using computer networks create than they were a few years ago, and are starting to put more effort into securing networks and building secure products. We've got a ways to go, however.

AOL.com: Is there an issue or threat you think is not discussed often enough in the public?

James A. Lewis: One problem for the U.S. is that we don't know how to respond to cyber attacks. When China's military hacks OPM and we do nothing, it send the wrong signal. Why should they stop?

See photos from the National Cybersecurity and Communications Integration Center:
30 PHOTOS
National Cybersecurity and Communications Integration Center - Arlington, Virginia - cybercrime
See Gallery
Cybersecurity expert reveals the biggest threats facing the US
WASHINGTON, DC - MAY 11: Admiral Michael Rogers, commander of U.S. Cyber Command and director of the National Security Agency, speaks at George Washington University May 11, 2015 in Washington, DC. The George Washington University's Center for Cyber and Homeland Security held a discussion on the state of cybersecurity threats to the United States. (Photo by Win McNamee/Getty Images)
WASHINGTON, DC - APRIL 02: National Security Agency Director and U.S. Cyber command Commander Admiral Michael Rogers takes questions during his keynote address to the Armed Forces Communications and Electronics Association's sixth annual Cybersecurity Technology Summit at the Capitol Hilton April 2, 2015 in Washington, DC. Taking questions submitted via email from an iPad, Rogers talked about intergovernmental information sharing, private-public partnerships and the new focus on recruitment among people as young as high school students. (Photo by Chip Somodevilla/Getty Images)
WASHINGTON, DC - MAY 11: Admiral Michael Rogers, commander of U.S. Cyber Command and director of the National Security Agency, speaks at George Washington University May 11, 2015 in Washington, DC. The George Washington University's Center for Cyber and Homeland Security held a discussion on the state of cybersecurity threats to the United States. (Photo by Win McNamee/Getty Images)
President Barack Obama waves as he walks down the stair of Air Force One upon his arrival at San Francisco International Airport, Thursday, Feb. 12, 2015, in San Francisco. The President will travel to Palo Alto, Calif., to deliver remarks at the White House Summit on Cybersecurity and Consumer Protection at Stanford University on Friday. (AP Photo/Ben Margot)
President Barack Obama, left, waves upon his arrival at San Francisco International Airport with San Francisco Mayor Ed Lee, right, Thursday, Feb. 12, 2015, in San Francisco. The President will travel to Palo Alto, Calif., to deliver remarks at the White House Summit on Cybersecurity and Consumer Protection at Stanford University on Friday. (AP Photo/Ben Margot)
ARLINGTON, VA - JANUARY 13: U.S. President Barack Obama delivers remarks at the National Cybersecurity and Communications Integration Center (NCCIC) on January 13, 2015 in Arlington, Virginia. President Obama discussed efforts to improve the government's ability to collaborate with industry to combat cyber threats. (Photo by Kristoffer Tripplaar-Pool/Getty Images)
ARLINGTON, VA - JANUARY 13: U.S. President Barack Obama delivers remarks at the National Cybersecurity and Communications Integration Center (NCCIC) on January 13, 2015 in Arlington, Virginia. President Obama discussed efforts to improve the government's ability to collaborate with industry to combat cyber threats. (Photo by Kristoffer Tripplaar-Pool/Getty Images)
US President Barack Obama speaks about cybersecurity alongside Secretary of Homeland Security Jeh Johnson (L) as he visits the National Cybersecurity and Communications Integration Center in Arlington, Virginia, January 13, 2015. AFP PHOTO / SAUL LOEB (Photo credit should read SAUL LOEB/AFP/Getty Images)
ARLINGTON, VA - JANUARY 13: U.S. President Barack Obama delivers remarks at the National Cybersecurity and Communications Integration Center (NCCIC) on January 13, 2015 in Arlington, Virginia. President Obama discussed efforts to improve the government's ability to collaborate with industry to combat cyber threats. He is joined by Secretary of Homeland Security Secretary Jeh Johnson. (Photo by Kristoffer Tripplaar-Pool/Getty Images)
WASHINGTON, DC - JANUARY 16: (CHINA OUT, SOUTH KOREA OUT) U.S. President Barack Obama speaks during a joint news conference with British Prime Minister David Cameron at the East Room of the White House January 16, 2015 in Washington, DC. The two leaders had an Oval Office meeting earlier discussing bilateral issues including economic growth, international trade, cybersecurity, Iran, ISIL, counterterrorism, Ebola, and Russias actions in Ukraine. (Photo by The Asahi Shimbun via Getty Images)
A specialist works at the National Cybersecurity and Communications Integration Center (NCCIC) in Arlington, Va., Tuesday, Sept. 9, 2014. Ground zero in the nation’s fight against cybercrime hides in plain sight, in a nondescript suburban office building with no government seals or signs. Ground zero in the nation’s fight against cybercrime hides in plain sight, in a nondescript suburban office building with no government seals or signs. Only after passing a low-key receptionist stationed on the seventh floor does one see the metal detectors, personal cellphone lockers and a series of heavy doors marked “classified” _ all leading to the auditorium-sized National Cybersecurity and Communications Integration Center. (AP Photo/Manuel Balce Ceneta)
Specialists work at the National Cybersecurity and Communications Integration Center (NCCIC) in Arlington, Va., Tuesday, Sept. 9, 2014. Ground zero in the nation’s fight against cybercrime hides in plain sight, in a nondescript suburban office building with no government seals or signs. Only after passing a low-key receptionist stationed on the seventh floor does one see the metal detectors, personal cellphone lockers and a series of heavy doors marked “classified” _ all leading to the auditorium-sized National Cybersecurity and Communications Integration Center. (AP Photo/Manuel Balce Ceneta)
In this Sept. 24, 2010, file photo the National Cybersecurity & Communications Integration Center (NCCIC) prepares for the Cyber Storm III exercise at its operations center in Arlington, Va. It will take several more years for the government to install high-tech systems capable of detecting and blocking computer intrusions, giving hackers more time to figure out how to breach networks and steal sensitive data. The government's computer security weaknesses were laid bare with the WikiLeaks release. (AP Photo/J. Scott Applewhite, File)
Specialists work at the National Cybersecurity and Communications Integration Center (NCCIC) in Arlington, Va., Tuesday, Sept. 9, 2014. Ground zero in the nation’s fight against cybercrime hides in plain sight, in a nondescript suburban office building with no government seals or signs. Ground zero in the nation’s fight against cybercrime hides in plain sight, in a nondescript suburban office building with no government seals or signs. Only after passing a low-key receptionist stationed on the seventh floor does one see the metal detectors, personal cellphone lockers and a series of heavy doors marked “classified” _ all leading to the auditorium-sized National Cybersecurity and Communications Integration Center. (AP Photo/Manuel Balce Ceneta)
A specialist works at the National Cybersecurity and Communications Integration Center (NCCIC) in Arlington, Va., Tuesday, Sept. 9, 2014. Ground zero in the nation’s fight against cybercrime hides in plain sight, in a nondescript suburban office building with no government seals or signs. Only after passing a low-key receptionist stationed on the seventh floor does one see the metal detectors, personal cellphone lockers and a series of heavy doors marked “classified” _ all leading to the auditorium-sized National Cybersecurity and Communications Integration Center. (AP Photo/Manuel Balce Ceneta)
TO GO WITH AFP STORY US-GOVERNMENT-COMPUTER-SECURITY-INTERNET BY CHRIS LEFKOW Director of control Systems Security Sean Paul McGurk speaks at the National Cybersecurity & Communications Integration Center (NCCIC) as they prepare for Cyber Storm III during a media session at their headquarters in Arlington, VA, September 24, 2010. Cyber Storm III is NCCIC's capstone national-level cybersecurity exercise. AFP PHOTO/Jim WATSON (Photo credit should read JIM WATSON/AFP/Getty Images)
TO GO WITH AFP STORY US-GOVERNMENT-COMPUTER-SECURITY-INTERNET BY CHRIS LEFKOW Analyists at the National Cybersecurity & Communications Integration Center (NCCIC) prepare for Cyber Storm III during a media session at their headquarters in Arlington, VA, September 24, 2010. Cyber Storm III is NCCIC's capstone national-level cybersecurity exercise. AFP PHOTO/Jim WATSON (Photo credit should read JIM WATSON/AFP/Getty Images)
TO GO WITH AFP STORY US-GOVERNMENT-COMPUTER-SECURITY-INTERNET BY CHRIS LEFKOW Analyists at the National Cybersecurity & Communications Integration Center (NCCIC) prepare for Cyber Storm III during a media session at their headquarters in Arlington, VA, September 24, 2010. Cyber Storm III is NCCIC's capstone national-level cybersecurity exercise. AFP PHOTO/Jim WATSON (Photo credit should read JIM WATSON/AFP/Getty Images)
TO GO WITH AFP STORY US-GOVERNMENT-COMPUTER-SECURITY-INTERNET BY CHRIS LEFKOW Analyists at the National Cybersecurity & Communications Integration Center (NCCIC) prepare for Cyber Storm III during a media session at their headquarters in Arlington, VA, September 24, 2010. Cyber Storm III is NCCIC's capstone national-level cybersecurity exercise. AFP PHOTO/Jim WATSON (Photo credit should read JIM WATSON/AFP/Getty Images)
TO GO WITH AFP STORY US-GOVERNMENT-COMPUTER-SECURITY-INTERNET BY CHRIS LEFKOW Analyists at the National Cybersecurity & Communications Integration Center (NCCIC) prepare for Cyber Storm III during a media session at their headquarters in Arlington, VA, September 24, 2010. Cyber Storm III is NCCIC's capstone national-level cybersecurity exercise. AFP PHOTO/Jim WATSON (Photo credit should read JIM WATSON/AFP/Getty Images)
TO GO WITH AFP STORY US-GOVERNMENT-COMPUTER-SECURITY-INTERNET BY CHRIS LEFKOW Analyists at the National Cybersecurity & Communications Integration Center (NCCIC) prepare for Cyber Storm III during a media session at their headquarters in Arlington, VA, September 24, 2010. Cyber Storm III is NCCIC's capstone national-level cybersecurity exercise. AFP PHOTO/Jim WATSON (Photo credit should read JIM WATSON/AFP/Getty Images)
TO GO WITH AFP STORY US-GOVERNMENT-COMPUTER-SECURITY-INTERNET BY CHRIS LEFKOW Analyists at the National Cybersecurity & Communications Integration Center (NCCIC) prepare for Cyber Storm III during a media session at their headquarters in Arlington, VA, September 24, 2010. Cyber Storm III is NCCIC's capstone national-level cybersecurity exercise. AFP PHOTO/Jim WATSON (Photo credit should read JIM WATSON/AFP/Getty Images)
TO GO WITH AFP STORY US-GOVERNMENT-COMPUTER-SECURITY-INTERNET BY CHRIS LEFKOW Analyists at the National Cybersecurity & Communications Integration Center (NCCIC) prepare for Cyber Storm III during a media session at their headquarters in Arlington, VA, September 24, 2010. Cyber Storm III is NCCIC's capstone national-level cybersecurity exercise. AFP PHOTO/Jim WATSON (Photo credit should read JIM WATSON/AFP/Getty Images)
TO GO WITH AFP STORY US-GOVERNMENT-COMPUTER-SECURITY-INTERNET BY CHRIS LEFKOW Analyists at the National Cybersecurity & Communications Integration Center (NCCIC) prepare for Cyber Storm III during a media session at their headquarters in Arlington, VA, September 24, 2010. Cyber Storm III is NCCIC's capstone national-level cybersecurity exercise. AFP PHOTO/Jim WATSON (Photo credit should read JIM WATSON/AFP/Getty Images)
TO GO WITH AFP STORY US-GOVERNMENT-COMPUTER-SECURITY-INTERNET BY CHRIS LEFKOW Analyists at the National Cybersecurity & Communications Integration Center (NCCIC) prepare for Cyber Storm III during a media session at their headquarters in Arlington, VA, September 24, 2010. Cyber Storm III is NCCIC's capstone national-level cybersecurity exercise. AFP PHOTO/Jim WATSON (Photo credit should read JIM WATSON/AFP/Getty Images)
ARLINGTON, VA - OCTOBER 30: Staff members attend an event where Homeland Security Secretary Janet Napolitano delivered remarks at the opening ceremony of the new U.S. Computer Emergency Readiness Team/National Cybersecurity and Communications Integration Center facility October 30, 2009 in Arlington, Virginia. The center is designed to help protect the technical infrastructure of the United States. (Photo by Win McNamee/Getty Images)
TO GO WITH AFP STORY US-GOVERNMENT-COMPUTER-SECURITY-INTERNET BY CHRIS LEFKOW Director of Control Systems Security Sean Paul McGurk speaks at the National Cybersecurity & Communications Integration Center (NCCIC) as they prepare for Cyber Storm III during a media session at their headquarters in Arlington, VA, September 24, 2010. Cyber Storm III is NCCIC's capstone national-level cybersecurity exercise. AFP PHOTO/Jim WATSON (Photo credit should read JIM WATSON/AFP/Getty Images)
TO GO WITH AFP STORY US-GOVERNMENT-COMPUTER-SECURITY-INTERNET BY CHRIS LEFKOW Analyists at the National Cybersecurity & Communications Integration Center (NCCIC) prepare for Cyber Storm III during a media session at their headquarters in Arlington, VA, September 24, 2010. Cyber Storm III is NCCIC's capstone national-level cybersecurity exercise. AFP PHOTO/Jim WATSON (Photo credit should read JIM WATSON/AFP/Getty Images)
ARLINGTON, VA - OCTOBER 30: Staff members attend an event where Homeland Security Secretary Janet Napolitano delivered remarks at the opening ceremony of the new U.S. Computer Emergency Readiness Team/National Cybersecurity and Communications Integration Center facility October 30, 2009 in Arlington, Virginia. The center is designed to help protect the technical infrastructure of the United States. (Photo by Win McNamee/Getty Images)
TO GO WITH AFP STORY US-GOVERNMENT-COMPUTER-SECURITY-INTERNET BY CHRIS LEFKOW Analyists at the National Cybersecurity & Communications Integration Center (NCCIC) prepare for Cyber Storm III during a media session at their headquarters in Arlington, VA, September 24, 2010. Cyber Storm III is NCCIC's capstone national-level cybersecurity exercise. AFP PHOTO/Jim WATSON (Photo credit should read JIM WATSON/AFP/Getty Images)
of
SEE ALL
BACK TO SLIDE
SHOW CAPTION +
HIDE CAPTION


Also watch a video on cybersecurity with former NSA director Keith Alexander​:
Former NSA Director Alexander on Cybersecurity
More from AOL.com on cybersecurity:
America faces new and changing international threats
Wild inventions of the future (and the past) that the Pentagon is behind
Read Full Story

People are Reading