Pages

21 September 2014

IS NSA PLANNING TO BEEF UP OUR CYBER RESPONSE CAPABILITIES?

September 18, 2014 
Is NSA Planning To Beef Up U.S. Cyber Response Capabilities?

Patrick Tucker, writing in the September 17, 2014 publication DefenseOne.com, writes that “ADM. Mike Rogers, Commander of the U.S. Cyber Command, and Director of the National Security Agency (NSA) said that the Obama administration’s controversial spying programs have not cost the country friends, or allies — either in the technology industry or abroad. Indeed the agency shows no signs of slowing down,” Mr. Tucker added.

“I fundamentally reject the premise of the question that says the NSA is no longer in a position where it has a relationship with a foreign counterparts, or with the corporate sector; or, that foreign counterparts have walked away from the NSA. That’s not what I’ve observed in the five months as Director,” he said.

Rogers comments, at the Billington Cyber Security Summitt held Tuesday in Washington D.C., “contradicts wide[spread] reports of the worsening relationship between foreign partners like Germany and the United States. In July, Germany ejected the CIA Station Chief in that country over spying allegations,” Mr. Tucker wrote.

ADM Rogers “spent the majority of his speech describing the growing threat posed by cyber attacks against [U.S.] infrastructure, banks and regular citizens,” Mr. Tucker asserted. “It was a threat that was “foundational to the future,” of Cyber Command,” he said; and, “one that future technology would only exacerbate — not solve. He also suggested that a growing role for NSA-style spying in the fight — not against the Islamic State or al Qaeda; but, against the murky malefactors of the Internet, whatever they may be.”

“Historically,” Mr. Tucker writes, “Cyber Command, which is tasked with cyber war activity; and, signals intelligence collection under the NSA have been separate. It’s one reason why Cyber Command is pursuing partnerships with businesses that make up the nation’s infrastructure — to get them to report on breaches much more quickly.”

“I’m a big advocate that we need cyber-sharing legislation,” said Rogers. “When I see the level of [cyber threat] activity out there, versus what’s being shared with us….I see a huge delta…there are clearly liability concerns,” and stock price, etc. “They’re working on that on the Hill.”

“Of course there is also the concern among many business [especially in the social media domain] that partnering with NSA could garner them public mistrust,” Mr. Tucker added.

A Bolder NSA To Come?

Mr. Tucker writes that “ADM Rogers comments suggest the NSA will not be changing its approach to metadata collection in any meaningful way — unless compelled by changes in law. In fact,” Mr. Tucker asserts, “he [ADM Rogers] seemed to imply that the growing threat posed by massive cyber incidents could serve as justification of expanded types of data collection, bordering on the controversial.”

To that end, Mr. Tucker writes that ADM Rogers “wants to build a “full spectrum capability” to allow the U.S. government to respond to cyber attacks; and of course, launch them. But, a big part of that is developing better situational awareness, of what’s happening online…at all times. Read that to mean more surveillance of ‘users’ online behavior, possibly within the U.S., that may pose some threat to larger systems, or that could be classified as “not normal.”

“Detecting behavioral changes, that’s where the situational awareness piece is critical for us,” ADM Rogers said. “That’s the ability to identify what is normal; and, what is not normal — and be able to do it on a scale.” As Mr. Tucker asserts, “What constitutes normal versus not normal online behavior is in the eye of the beholder; and, there’s no one who can behold more than ADM Rogers. He emphasized if the Internet practice remained legal, it was fair game in his eyes; and in the eyes of the FISA court.”

“Each new cyber attack raises the geo-political stakes,” Rogers said, and he called for “a clear red line that would determine whether a cyber action — undertaken by a state or nation — rises to the level of war. “There is no red line. There is a sense of consequences,” he said…regarding the theft of intellectual property online. “We need to get there.”

According to Tom Risen of USNews.com, when ADM Rogers was asked about reports that the Islamic State has “pledged to form a digital caliphate,” ADM Rogers acknowledged that the terrorist group had been “aggressive” in its use of the media and the Internet; but, would not specify the level of the cyber security threat posed by the Islamic State.

I have no reason not to take ADM Rogers remarks at face value, especially that our allies are still cooperating with us in the intelligence sharing domain — even with Edward Snowden’s damaging leaks. But, it is hard to believe that at least some of these relationships haven’t suffered some damage as a result; and, that al Qaeda, the Islamic State and others have benefited from Snowden’s revelations — and made NSA and the Intelligence Community’s job of discovering what they’re up to — more difficult. V/R, RCP

Share this:

No comments:

Post a Comment