The threats posed by cyber attacks are the greatest risk to US security, according to a new, in-depth report issued by the Senate Intelligence Committee.
The report, authored by James Clapper, the director of National Intelligence, warns that a direct attack on US infrastructure could well take place in the coming years.
"We judge there is a remote chance of a major cyber attack against US critical infrastructure systems during the next two years that would result in long-term, wide-scale disruption of services, such as a regional power outage," he said in the detailed report.
"The level of technical expertise and operational sophistication required for such an attack - including the ability to create physical damage or overcome mitigation factors like manual overrides - will be out of reach for most actors during this time frame."
However, while major nations such as China or Russia could launch such attacks, Clapper says he thinks this is unlikely at present and risks will come from more disprate sources.
"Advanced cyber actor are unlikely to launch such a devastating attack against the US outside of a military conflict or crisis they believe threatens their vital interests," he said.
"However, isolated state or non-state actors might deploy less sophisticated cyber attacks as a form of retaliation or provocation. These less advanced but highly motivated actors could access some poorly protected US networks that control core functions, such as power generation, during the next two years."
Clapper noted recent attacks that have hit the headlines including DDoS attacks on US banks and an attack against Saudi oil company Aramco in 2012 when 30,000 computers on the firm's business network were rendered unusable.
Clapper also warned that criminals and activist groups operating online pose a major threat to the financial strength of the nation and could have unintended security issues.
"Most hacktivists use short-term denial-of-service operations or expose personally identifiable information held by target companies, as forms of political protest," he said.
"However, a more radical group might form to inflict more systemic impacts - such as disrupting financial networks - or accidentally trigger unintended consequences that could be misinterpreted as a state-sponsored attack."
On cybercriminals, Clapper said their efforts to steal corporate data "threaten US economic interests" and should not be underestimated.
"They are selling tools, via a growing black market, that might enable access to critical infrastructure systems or get into the hands of state and non-state actors. In addition, a handful of commercial companies sell computer intrusion kits on the open market," he said.
"These hardware and software packages can give governments and cybercriminals the capability to steal, manipulate, or delete information on targeted systems."
The report comes the day after White House security advisor Tom Donilon warned China to stop cyber attacks on US businesses for the good of international relations.
Donilon said that China-based cyber attacks on the enterprise sector can damage the countries international image and that they should engage in an open dialogue to stop attacks and establish acceptable behaviours for cyberspace.
IBM software case reminiscent of TSMC trade secrets theft claim
iPhone 8 specs, release date, price, features, basically everything! But will it have a curved display?
CISO pay boom as security become a boardroom concern