CIA Sees Intel Data Flood As Both A Benefit And A Danger

Uploaded on 2016-09-02 in NEWS-Cybersecurity News, INTELLIGENCE--USA, FREE TO VIEW

CIA Deputy Director Sean Roche.   source: vimeo

When he started at the CIA, Sean Roche recalls how little solid data the US spy agency had on what was going on inside the Kremlin.

"We would look at black-and-white pictures of old men standing on a wall with fur hats on at a May Day parade and try to figure out who was next in the succession and who’s going to croak," Roche, 53, said in an interview, contrasting the relative lack of data during the Cold War with the digital deluge the agency has to sort through today.

That trove of information is both a godsend for intelligence collection and a challenge to the Central Intelligence Agency’s clandestine tradecraft. As the CIA’s associate deputy director for digital innovation, he’s working on that balance while also protecting the agency’s own computer systems and the US generally from foreign cyber threats.

Today “people are putting all their thoughts, their conversations, their movements, their ideas into this digital stream," Roche said July 30 on the sidelines of the annual Aspen Security Forum in Colorado. A career CIA official, Roche joined the agency’s new Directorate for Digital Innovation, which opened in October, after serving as deputy director for science and technology.

Roche wouldn’t comment on recent hacking incidents, including breaches of the Democratic National Committee’s system and a data analytics program used by presidential nominee Hillary Clinton’s campaign, attacks that technology experts attribute to Russia. But he said that Russia, China, Iran and North Korea top the list of nations posing cybersecurity threats to the U.S. government and its contractors.

"They’re targeting data of all forms," Roche said, looking for information that gives them trade secrets or information about Americans that would help them achieve a national objective. Other cases involve "plain-old thuggery," Roche said, creating a nuisance and leaving a blatant trail to identify the source of the attack because "attribution feeds a national need for esteem.”

Attacks are often made possible on the receiving end by a "well-meaning but incompetent insider," Roche said, which includes those overseeing information technology systems and staffers who fall for targeted phishing attacks that lure them into clicking on a seemingly innocent link.

While some breaches happen quickly, Roche said last year’s hack of the Office of Personnel Management, which compromised data on 21.5 million individuals and has been linked to Chinese hackers, "opened people’s eyes. When you have an entity in there for months, they will patiently wait there" and seize data, he said.

Roche’s division was the first directorate the CIA added in half a century. His responsibilities include updating the agency’s older systems, which aren’t compatible with current technology and in some cases can’t even accommodate encryption. The directorate also combined those handling the agency’s information technology and internet systems with the team that monitors global cyber threats.

"We get very good insights into what the cyber actors are doing and we stop them before they get to our door," Roche said.

‘Digital Dust’

In a digital age, Roche said the secretive CIA has embraced the inevitability that new workers “come in with digital dust and a digital background” that can’t be erased. The agency also has to let its workers operate in the online and mobile world without divulging what they are doing and who they are working for, he added.

"The people that we are interested in are giving off digital dust as well," he said. "There are very few Ted Kaczynskis living in a cabin up in the woods totally disconnected," Roche said, referring to the killer known as the Unabomber, who was ultimately found in isolation.

Given the CIA’s well-known brand, Roche said he hasn’t had trouble filling his cyber workforce. "We have agency officers boomeranging and coming back after being successful in venture capital, after being successful in the IT industry, and then coming back to the agency to serve with all of that knowledge as very senior leaders," he said.

Roche said he’s also trying to bring more ethnic diversity to his teams through contacts with groups promoting science and technology among minorities.

"When I think about the IT business, it’s typically skinny-armed white males playing World of Warcraft," he said. "We’re changing that."

Burned-out traders and investors also have sought second careers at the CIA, he said. "We get a lot from Wall Street who say, ‘This was interesting when I got out of college but I’m looking for something more meaningful,’" he said. "They come to us and they knock on the door."

Information-Management: http://bit.ly/2aCBM8U

« Benefits of Penetration Testing
Russian Site is One-Stop Shop for Cyber-Crime »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Cellebrite

Cellebrite

Cellebrite delivers comprehensive solutions for mobile data forensics and mobile lifecycle management.

SafenSoft (SnS)

SafenSoft (SnS)

SafenSoft delivers high-efficiency, low-impact proactive protection against malware, insider threats, and confidential data leakage.

QOMPLX

QOMPLX

QOMPLX integrate, contextualize, and analyze data from virtually any source to help you identify operational risk and inefficiencies throughout the enterprise.

Secon Cyber Security

Secon Cyber Security

Secon Cyber Security is an Advanced Managed Security Services Provider with long standing experience of providing cyber security solutions to customers ranging from small to large enterprises.

CyberGuru

CyberGuru

CyberGuru is a service provided by CyberSecurity Malaysia specializing in cyber security professional training and development.

CM Blockchain Security Center

CM Blockchain Security Center

We are dedicated to building a healthier blockchain ecosystem, providing solutions to security technology, and helping those who practice in the area of blockchain to get insight into industry trends.

Fiserv

Fiserv

Fiserv offers a wide array of Risk & Compliance solutions to help you prevent losses from fraud and ensure adherence to regulatory and compliance mandates.

Cryptoloc

Cryptoloc

Cryptoloc's core business is developing solutions designed to protect businesses from all kinds of security threats using a unique patented cryptography.

Nu Quantum

Nu Quantum

Nu Quantum is developing quantum photonics hardware to power the quantum revolution in communications, sensing and computing.

East Midlands Cyber Resilience Centre (EMCRC)

East Midlands Cyber Resilience Centre (EMCRC)

The East Midlands Cyber Resilience Centre is set up to support and help protect businesses across the region against cyber crime.

Quantropi

Quantropi

Quantropi is bound to be the standard for quantum-secure data communications – forever unbreakable, no matter what.

OptimEyes.ai

OptimEyes.ai

OptimEyes.ai is a unique AI-powered, on-demand SaaS solution for cyber-security, data privacy and compliance risk modeling.

Dig Security

Dig Security

Dig Security offers the first data detection and response (DDR) solution, providing real-time visibility, control and protection of your data assets across any cloud.

VP Techno Labs

VP Techno Labs

VP Techno Labs is an award-winning cybersecurity firm focusing only cybersecurity to develop cutting edge solutions for emerging business.

Robust Intelligence

Robust Intelligence

Robust Intelligence enables enterprises to secure their AI transformation with an automated solution to protect against security and safety threats.

Quantum Knight

Quantum Knight

Quantum Knight is the most performant commercial-grade embeddable cryptography. Lock down any resource from any location or device. Take control of your data now.