NSA Is Merging Hacker And Anti-Hacker Teams

Uploaded on 2016-02-15 in NEWS-Cybersecurity News, INTELLIGENCE--USA, GOVERNMENT-Defence, FREE TO VIEW

NSA Worldwide SIGINT Network Outline Leaked by Edward Snowden in 2013

US spies will have to choose between keeping hackers out or acting like them to gather intelligence, going against recommendation of computer security experts

NSA director Michael Rogers, shown here in Washington in September, has said a flatter structure is necessary to make the agency
 
A reorganisation of the National Security Agency could increase pressure on US spies to choose between keeping hackers out – or acting like them to gather intelligence.

This week, the NSA is expected to announce an internal reshuffling that will merge its defensive and offensive cybersecurity missions, two former US officials said.

Tech company encryption push is 'good for the feds' says Harvard study

The defensive side, called the Information Assurance Directorate (IAD), works with private companies and government networks to plug security holes before they can be exploited in a cyberattack. The offensive side, called the Signals Intelligence Directorate, often seeks to leave such security holes unpatched so they can be used when they hack into foreign systems.

Merging the two departments goes against the recommendation of some computer security experts, technology executives and the Obama administration’s surveillance reform commission, all of which have argued that those two missions are inherently contradictory and need to be further separated.

The NSA could decide not tell a tech company to patch a security flaw, they argue, if it knows it could be used to hack into a targeted machine. This could leave consumers at risk.

NSA director admiral Michael Rogers has said a flatter structure is necessary to make the agency, which can get bogged down in military speak and red tape, more agile as foreign hackers become increasingly brazen. The US Office of Personnel Management announced in 2015 it was hit by a breach linked to China, and more recent attacks have included Iran-linked attacks on US critical infrastructure.

The NSA may face more tension choosing between offense and defense. Much like sport, offense is usually more alluring.

NSA hackers could probably work with its defenders on where to look for software flaws, or how to model enemy behavior, former US officials said.
“These core missions are critical as we position NSA to face complex and evolving threats to the nation,” an NSA spokesman said of the restructuring, described in an earlier report on 26 January by the Washington Post. “Out of respect for our workforce, we cannot comment on any details or speculation before the plan is announced.”

Still, several computer security experts and former intelligence officials acknowledged the new NSA may face additional tension in choosing between offense and defense. And, like in sport, offense is usually more alluring.

“When a lesser thing joins a greater thing there’s always the threat that the greater thing prevails,” said one former US official, who added he was supportive of NSA’s plans.

In its 2013 report to the White House, the President’s Review Group on Intelligence and Communications Technologies suggested NSA’s IAD be broken out into its own agency.

“We are concerned that having IAD embedded in a foreign intelligence organization creates potential conflicts of interest,” it wrote. In 2014, one of computer security industry’s leaders, RSA executive chairman Art Coviello repeated these claims at the RSA Conference in San Francisco, the industry’s main trade show.

Coviello experienced the tension between the two sides of NSA during the last decade when his company adopted an encryption scheme backed by the defensive side of the agency. Years later, Reuters and others reported that type of encryption relied on a random number generator that could have been cracked by NSA hackers.

By going the other way, the NSA may make private companies, especially in Silicon Valley, less likely to work with the agency on defense. Former US officials supportive of the plan said any companies skeptical of the new structure probably already weren’t willing to work with NSA anyway.

Other former officials said the restructuring at Fort Meade just formalizes what was already happening there. After all, NSA’s hackers and defenders work side by side in the agency’s Threat Operations Center in southern Maryland.

“Sometimes you got to just own it,” said Dave Aitel, a former NSA researcher and now chief executive at the security company Immunity. “Actually, come to think of it, that’s a great new motto for them too.”

Guardian:

« Protect Your Data From Internal Attacks
Microrobot Can Navigate Using Electric Fields »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

PhishLabs

PhishLabs

PhishLabs provides 24/7 services that help organizations protect against the cyberattacks targeting their employees, their customers and their brands.

Advanced Systems International SAC

Advanced Systems International SAC

Advanced Systems international is a global company dedicated to data security software design, development, support, and licensing.

Seavus

Seavus

Seavus is a software development and consulting company with a proven track-record in providing successful enterprise-wide business solutions including Managed Security Services.

Angoka

Angoka

Angoka provide hardware-based solutions for managing the cybersecurity risks inherent in machine-to-machine communication networks.

PAX Momentum

PAX Momentum

PAX Momentum is the Mid-Atlantic’s premier startup accelerator, specializing in cyber, enterprise software, telecom, CleanTech, FinTech, InsureTech, and AI.

Peraton

Peraton

Peraton provides innovative solutions for the most sensitive and critical programs in government today, developed and executed by scientists, engineers, and other experts.

Palmchip

Palmchip

Palmchip is a Cyber Security, SOC and Software consulting company. We design and develop high performance and secure applications.

F1 Security

F1 Security

F1 Security provides a family of web security solutions including web application firewalls, web shell detection solutions, and web shell scanners.

Cyber Defense Networking Solutions (CDNS)

Cyber Defense Networking Solutions (CDNS)

CDNS is a global network infrastructure provider whose platforms are engineered for security, optimized for speed and designed for resiliency.

Wadilona Cyber Securities

Wadilona Cyber Securities

Wadilona Cyber Securities' sole aim is to bring and secure Information and Communications Technology (ICT) to and work for humans in its simplest terms.

Nuance Communications

Nuance Communications

From revolutionizing the doctor-patient relationship to reinventing the way brands connect with their customers, Nuance technology helps organizations push the boundaries of what’s possible.

AHAD

AHAD

AHAD provides cybersecurity, digital transformation, and risk management services and solutions to Government, Fortune 500, And Start-Up Companies in the Middle East region.

Alset Technologies

Alset Technologies

Alset Technologies provides DASH - a comprehensive solution to DISA STIG (Security Technical Implementation Guide) compliance.

StepSecurity

StepSecurity

StepSecurity provides a comprehensive security platform for GitHub Actions.

CyberMass

CyberMass

CyberMass provides Cyber Advisory/Consulting, Professional and Managed Services offering complete cybersecurity as a service protection to businesses.

National Cyber Force (NCF)

National Cyber Force (NCF)

The National Cyber Force (NCF) is a partnership between defence and intelligence.