NSA Director on Sony Hack: ‘The Entire World is Watching’

National Security Agency Director Admiral Michael Rogers expressed support Thursday for the United States’ economic sanctions against North Korea in response to the hack on Sony Pictures Entertainment, and called the attack against the movie studio a “game changer” for cybersecurity.

“Sony is important to me because the entire world is watching how we as a nation are going to respond do this,” Rogers said Thursday at the International Conference on Cyber Security in New York. “If we don’t name names here, it will only encourage others to decide, ‘Well this must not be a red line for the United States.'”

After naming North Korea responsible for the attack against Sony, the U.S. announced sanctions last week against 10 individuals and three organizations in North Korea, including the state’s main intelligence agency and its primary arms exporter. The sanctions effectively denied them access to U.S. financial systems.

In his address at the conference, Rogers endorsed the U.S. response to the Sony attack, implying the U.S. government should have a key role in responding to some cyberattacks on private companies. “I don’t think it’s realistic” for private companies “to deal with [cyberattacks] totally by themselves,” he said.

Rogers that hacks against private companies may require economic sanctions. “Merely because something happens to us in the cyber arena, doesn’t mean that our response has to be focused in the cyber arena” he said. “I was very happy to see what we as a nation state decided to do,” referring to the response to North Korea.

He also expressed skepticism about so-called “hack backs” in which private companies strike back against hackers, saying they risk “fratricide” by escalating cyber attacks between nation states and institutions.

The NSA was asked to examine malware used in the Sony hack and played a supporting role in determining its origins, Rogers said. The November hack brought down the studio’s networks and resulted in the leaks of terabytes of files including unreleased films and employee Social Security numbers. President Obama said last month the U.S. would launch a proportional response to the attack.

Rogers said North Korea was responsible for the hack against Sony Pictures Entertainment, reaffirming government claims despite doubts among some cybersecurity experts. “I remain very confident: this was North Korea,” Rogers said.

The remarks come a day after FBI Director James Comey said North Korea was “sloppy” in concealing the attack and said he had “high confidence” the hermit state was responsible.
Some cybersecurity experts have argued that the evidence North Korea is behind the attack is inconclusive, noting that the hack may have been the work of disgruntled employees or criminals.

Rogers also urged Congress to pass legislation that would encourage information sharing between private companies and the government on cyber threats.

Time: http://ti.me/1kgYCqw

 

« Critical Infrasctructure: UK and US Power Grids - Under Cyber Attack Every Minute
Industrial Internet of Things: Big Opportunities and Challenges »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NextLabs

NextLabs

NextLabs provides data-centric security software to protect business-critical data and applications.

Hogan Lovells

Hogan Lovells

Hogan Lovells is an international business law firm with offices across Europe, Asia and the USA. Practice areas include Privacy & Cybersecurity.

ENEA Qosmos Division

ENEA Qosmos Division

Qosmos, a division of Enea, leads the market for IP traffic classification and network intelligence technology used in physical, SDN and NFV architectures.

Data Security Inc

Data Security Inc

Data Security, Inc. is the leading American manufacturer and supplier of hard drive degaussers, magnetic tape degaussers as well as hard drive and solid state destruction devices.

Vanbreda

Vanbreda

Vanbreda Risk & Benefits is the largest independent insurance broker and risk consultant in Belgium and the leading insurance partner in the Benelux.

InterGuard

InterGuard

As the pioneer for Unified Insider Threat Prevention and productivity monitoring tools, InterGuard offers on premise and SaaS-based services that are easily available and affordable.

Conatix

Conatix

Conatix was formed to apply recent advances in AI and other fields of technology to insider fraud, one of the most intractable problems in cybersecurity.

Salvador Technologies

Salvador Technologies

Salvador Technologies provides the world’s fastest technology to recover from cyber-attacks.

Security Management Partners (SMP)

Security Management Partners (SMP)

Security Management Partners (SMP) is a trusted partner to financial services, healthcare and businesses that need to manage their information, securely.

StateRAMP

StateRAMP

StateRAMP reduces risk from unsecure cloud solutions and protects data by providing State and local governments a standardized approach for verifying and monitoring security postures.

National Cyber Security Center (NCSC) - Vietnam

National Cyber Security Center (NCSC) - Vietnam

National Cyber Security Center of Vietnam has a central monitoring function and is a technical focal point for monitoring and supporting information security for people, businesses and systems.

Digital Silence

Digital Silence

Digital Silence is a world-class provider of information security research and consulting services.

ZAG Technical Services

ZAG Technical Services

ZAG Technical Services is an award-winning information technology consulting firm delivering digital transformation solutions, IT assessments, managed services, security, and support.

Beaming

Beaming

Beaming is an established Internet Service Provider for businesses across the UK. We deliver reliable voice, data and managed services, including cybersecurity.

HanaByte

HanaByte

HanaByte is a security consultancy focused on delivering state of the art solutions in the cloud. We specialize in delivering cloud services with an emphasis on security.

DRT Cyber

DRT Cyber

DRT Cyber deploys technology solutions to support the functions of cybersecurity, privacy, and risk management.