NSA Is Merging Hacker And Anti-Hacker Teams

NSA Worldwide SIGINT Network Outline Leaked by Edward Snowden in 2013

US spies will have to choose between keeping hackers out or acting like them to gather intelligence, going against recommendation of computer security experts

NSA director Michael Rogers, shown here in Washington in September, has said a flatter structure is necessary to make the agency
 
A reorganisation of the National Security Agency could increase pressure on US spies to choose between keeping hackers out – or acting like them to gather intelligence.

This week, the NSA is expected to announce an internal reshuffling that will merge its defensive and offensive cybersecurity missions, two former US officials said.

Tech company encryption push is 'good for the feds' says Harvard study

The defensive side, called the Information Assurance Directorate (IAD), works with private companies and government networks to plug security holes before they can be exploited in a cyberattack. The offensive side, called the Signals Intelligence Directorate, often seeks to leave such security holes unpatched so they can be used when they hack into foreign systems.

Merging the two departments goes against the recommendation of some computer security experts, technology executives and the Obama administration’s surveillance reform commission, all of which have argued that those two missions are inherently contradictory and need to be further separated.

The NSA could decide not tell a tech company to patch a security flaw, they argue, if it knows it could be used to hack into a targeted machine. This could leave consumers at risk.

NSA director admiral Michael Rogers has said a flatter structure is necessary to make the agency, which can get bogged down in military speak and red tape, more agile as foreign hackers become increasingly brazen. The US Office of Personnel Management announced in 2015 it was hit by a breach linked to China, and more recent attacks have included Iran-linked attacks on US critical infrastructure.

The NSA may face more tension choosing between offense and defense. Much like sport, offense is usually more alluring.

NSA hackers could probably work with its defenders on where to look for software flaws, or how to model enemy behavior, former US officials said.
“These core missions are critical as we position NSA to face complex and evolving threats to the nation,” an NSA spokesman said of the restructuring, described in an earlier report on 26 January by the Washington Post. “Out of respect for our workforce, we cannot comment on any details or speculation before the plan is announced.”

Still, several computer security experts and former intelligence officials acknowledged the new NSA may face additional tension in choosing between offense and defense. And, like in sport, offense is usually more alluring.

“When a lesser thing joins a greater thing there’s always the threat that the greater thing prevails,” said one former US official, who added he was supportive of NSA’s plans.

In its 2013 report to the White House, the President’s Review Group on Intelligence and Communications Technologies suggested NSA’s IAD be broken out into its own agency.

“We are concerned that having IAD embedded in a foreign intelligence organization creates potential conflicts of interest,” it wrote. In 2014, one of computer security industry’s leaders, RSA executive chairman Art Coviello repeated these claims at the RSA Conference in San Francisco, the industry’s main trade show.

Coviello experienced the tension between the two sides of NSA during the last decade when his company adopted an encryption scheme backed by the defensive side of the agency. Years later, Reuters and others reported that type of encryption relied on a random number generator that could have been cracked by NSA hackers.

By going the other way, the NSA may make private companies, especially in Silicon Valley, less likely to work with the agency on defense. Former US officials supportive of the plan said any companies skeptical of the new structure probably already weren’t willing to work with NSA anyway.

Other former officials said the restructuring at Fort Meade just formalizes what was already happening there. After all, NSA’s hackers and defenders work side by side in the agency’s Threat Operations Center in southern Maryland.

“Sometimes you got to just own it,” said Dave Aitel, a former NSA researcher and now chief executive at the security company Immunity. “Actually, come to think of it, that’s a great new motto for them too.”

Guardian:

« Protect Your Data From Internal Attacks
Microrobot Can Navigate Using Electric Fields »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Senetas

Senetas

Senetas is a leading developer and manufacturer of certified high-assurance encryption solutions, dedicated to protecting network transmitted data without compromising performance.

CloudSigma

CloudSigma

CloudSigma, a pure-cloud IaaS provider offers flexible and innovative cloud hosting solutions for companies of all sizes both in Europe and the US.

Packet Ninjas

Packet Ninjas

Packet Ninjas is a niche cyber security agency with specialized expertise in the use of digital intelligence to strengthen cyber security.

NTOP

NTOP

NTOP develop high-quality network traffic analysis and DDoS protection software used by small individuals as well by large telecom operators.

SafenSoft (SnS)

SafenSoft (SnS)

SafenSoft delivers high-efficiency, low-impact proactive protection against malware, insider threats, and confidential data leakage.

J2 Software

J2 Software

J2 Software is a leading African Information Security and ICT business providing information security, governance, risk and compliance solutions.

DOS

DOS

DOS is an Ecuadorian company with 3 decades of presence in the market and extensive experience in the planning, management and execution of IT Service Integration Projects.

Nuspire

Nuspire

Nuspire provide services to protect your network with best-in-class managed detection and response, allowing you to stay focused on managing your business.

IT Career Switch

IT Career Switch

An IT Career Switch Traineeship is the easiest way to start a new career in IT or Cybersecurity with fantastic career prospects.

Global Lifecycle Solutions EMEA (Global EMEA)

Global Lifecycle Solutions EMEA (Global EMEA)

Global EMEA provides full lifecycle services to corporate Clients covering procurement, configuration, support, maintenance and end-of-life asset management.

Mirai Security

Mirai Security

Mirai Security are a cyber security company that specializes in Governance, Risk Management and Compliance, Cloud Security and Application Security.

Communications Fraud Control Association (CFCA)

Communications Fraud Control Association (CFCA)

CFCA is the premier International Association for fraud risk management, fraud prevention and profitability control.

Ionize

Ionize

Ionize offers solutions to help you uplift your capability across the full-spectrum of cyber security - assessment, remediation, monitoring, governance and ongoing education.

turingpoint

turingpoint

turingpoint GmbH is a tech enabled boutique consultancy. It was founded by security experts with a focus on cyber security and software solutions.

SECTA5

SECTA5

SECTA5 is a cybersecurity company building a next-generation Continuous Threat and Exposure Management platform, leveraging the expertise of offensively trained cyber defenders.

Blue Mantis

Blue Mantis

Blue Mantis is a security-first, IT solutions and services provider with a 30+ year history of successfully helping clients achieve business modernization.