NSA Is Merging Hacker And Anti-Hacker Teams

NSA Worldwide SIGINT Network Outline Leaked by Edward Snowden in 2013

US spies will have to choose between keeping hackers out or acting like them to gather intelligence, going against recommendation of computer security experts

A reorganisation of the National Security Agency could increase pressure on US spies to choose between keeping hackers out – or acting like them to gather intelligence.

This week, the NSA is expected to announce an internal reshuffling that will merge its defensive and offensive cybersecurity missions, two former US officials said.


The defensive side, called the Information Assurance Directorate (IAD), works with private companies and government networks to plug security holes before they can be exploited in a cyberattack. The offensive side, called the Signals Intelligence Directorate, often seeks to leave such security holes unpatched so they can be used when they hack into foreign systems.

Merging the two departments goes against the recommendation of some computer security experts, technology executives and the Obama administration’s surveillance reform commission, all of which have argued that those two missions are inherently contradictory and need to be further separated.

The NSA could decide not to tell a tech company to patch a security flaw, they argue, if it knows it could be used to hack into a targeted machine. This could leave consumers at risk.

NSA director admiral Michael Rogers has said a flatter structure is necessary to make the agency, which can get bogged down in military speak and red tape, more agile as foreign hackers become increasingly brazen. The US Office of Personnel Management announced in 2015 it was hit by a breach linked to China, and more recent attacks have included Iran-linked attacks on US critical infrastructure.


NSA hackers could probably work with its defenders on where to look for software flaws, or how to model enemy behavior, former US officials said.

“These core missions are critical as we position NSA to face complex and evolving threats to the nation,” an NSA spokesman said of the restructuring, described in an earlier report on 26 January by the Washington Post. “Out of respect for our workforce, we cannot comment on any details or speculation before the plan is announced.”

Still, several computer security experts and former intelligence officials acknowledged the new NSA may face additional tension in choosing between offense and defense. And, like in sport, offense is usually more alluring.

“When a lesser thing joins a greater thing there’s always the threat that the greater thing prevails,” said one former US official, who added he was supportive of NSA’s plans.

In its 2013 report to the White House, the President’s Review Group on Intelligence and Communications Technologies suggested NSA’s IAD be broken out into its own agency.

“We are concerned that having IAD embedded in a foreign intelligence organization creates potential conflicts of interest,” it wrote. In 2014, one of the computer security industry’s leaders, RSA executive chairman Art Coviello, repeated these claims at the RSA Conference in San Francisco, the industry’s main trade show.

Coviello experienced the tension between the two sides of NSA during the last decade when his company adopted an encryption scheme backed by the defensive side of the agency. Years later, Reuters and others reported that type of encryption relied on a random number generator that could have been cracked by NSA hackers.

By going the other way, the NSA may make private companies, especially in Silicon Valley, less likely to work with the agency on defense. Former US officials supportive of the plan said any companies skeptical of the new structure probably already weren’t willing to work with NSA anyway.

Other former officials said the restructuring at Fort Meade just formalizes what was already happening there. After all, NSA’s hackers and defenders work side by side in the agency’s Threat Operations Center in southern Maryland.

“Sometimes you got to just own it,” said Dave Aitel, a former NSA researcher and now chief executive at the security company Immunity. “Actually, come to think of it, that’s a great new motto for them too.”

Guardian:
