By Joseph Marks

The sign outside the NSA campus in Fort Meade, Md. (Patrick Semansky/AP)
The NSA is the U.S. government’s premier digital spying agency and it has a well-earned reputation for keeping secrets. But the agency needs to stop keeping so many things confidential and classified if it wants to protect the nation from cyberattacks.
That’s the assessment from Anne Neuberger, director of NSA’s first Cybersecurity Directorate, which will launch Oct. 1 and essentially combine the work of many disparate NSA divisions dealing with cybersecurity, including its offensive and defensive operations.
The directorate's mission is to “prevent and eradicate” foreign hackers from attacking critical U.S. targets including election infrastructure and defense companies, Neuberger said yesterday during her first public address since being named to lead the directorate in July.
Neuberger acknowledged the difficulty of her mission during an onstage interview at the Billington Cybersecurity Summit, but also said the growing hacking threats from Russia, China and other U.S. adversaries mean the nation “must” achieve it.
“The nation needs it … the threat demands it and the nation deserves that we achieve it,” Neuberger said.
That mission also means, however, that NSA, which was once colloquially known as “no such agency” and has traditionally kept mum to protect its own hacking operations and secret sources, must start sharing more threat data with cybersecurity pros in the private sector, she said. And the NSA will have to share that information far more quickly than it has in the past, when many recipients complained that, by the time they get the information, it's no longer useful, she said.
In some instances, the agency will have to look for “creative approaches” to share that information, Neuberger told reporters after her talk.
For instance, the agency may look for ways to present cybersecurity threat information so it can’t be traced back to the person or group that shared it, she said. Or the agency may look for cybersecurity companies that have the same information but from a different source and highlight those reports.
The new directorate is, in part, an acknowledgement that over the course of several previous reorganizations the spying agency hasn't focused enough on protecting U.S. organizations from foreign cyberattacks, NSA chief Gen. Paul Nakasone told the Wall Street Journal when he announced the new directorate in July.
Neuberger learned how vital it is to share information about hacking threats during the run-up to the 2018 midterm elections when she was co-leader of an election security task force that combined the work of NSA and U.S. Cyber Command, the military’s hacking wing.
“A particular lesson was that we have to proactively work with private-sector partners, for example social media companies … to help them understand what they're up against,” she said.
In that effort, which NSA wants to repeat in 2020, the agency frequently shared information about hacking operations and social media influence operations with the FBI, which then passed the information along to social media companies and others to help them defend themselves, she said.
“Those companies have to invest in the problem themselves … but, when they're up against a nation-state, there are some insights and information that we should share … to enable them to look for that information on their platforms and shut it down,” she said.
In addition to safeguarding the 2020 elections, Neuberger said, the Cybersecurity Directorate will focus heavily on protecting defense companies, which have been extensively targeted by Chinese hackers looking to copy U.S. advances in military technology.
The directorate will also focus on disrupting foreign ransomware rings, she said, which lock up organizations’ computer files and refuse to release them until the victims pay a ransom.
Ransomware attackers have increasingly been targeting specific industries, she said, and the NSA is worried U.S. adversaries could try to use ransomware to disrupt the 2020 elections by locking up some vital systems on Election Day.

Russian President Vladimir Putin. (Alexei Nikolsky, Sputnik, Kremlin Pool Photo via AP)
“The gathering marked the first such meeting involving industry and government of its size this year to address 2020 election security,” Tony and Ellen reported, though sources were relatively tight lipped about specific topics they discussed.
Facebook’s head of cybersecurity policy, Nathaniel Gleicher, said the discussions focused on ways to “improve how we share information and coordinate our response to better detect and deter threats,” my colleagues reported.
The meeting comes roughly three years after Russia used an army of social media bots to spread misinformation about the 2016 election and as social media companies are facing a slew of new threats, including “deepfake” videos and inauthentic activity linked to China and Iran as well as Russia, my colleagues note.

A comparison of an original and deepfake video of Facebook CEO Mark Zuckerberg. (Elyse Samuels/The Washington Post)
PATCHED: Thieves used voice-mimicking software in March to pose as a British energy company executive and dupe an underling into wiring them more than $240,000, my colleague Drew Harwell reports. The first publicly reported fraud of its kind has stoked concerns over the unregulated growth of technology to create “deepfakes,” or artificial intelligence-crafted fake videos and audio.
A representative for the British company's insurer told Drew that the employee described the fake audio as a replica of his boss's voice down to “the tonality, the punctuation, the German accent.” The thieves tipped their hand, however, when they attempted to fake a call from the boss at the same time the employee was speaking to the real boss himself, according to an email shared with Drew.
While the case is unusual, it isn't isolated. Researchers at the cybersecurity firm Symantec said they have found at least three cases where voice-faking tools were used to swindle companies, sometimes out of millions of dollars, Drew reports. As low-cost artificial intelligence tools to create fake recordings become more ubiquitous, the use of the technology to commit cybercrime and other fraud also will probably increase.
“Criminals are going to use whatever tools enable them to achieve their objectives cheapest,” Andrew Grotto, a fellow at Stanford University’s Cyber Policy Center and a former senior director for cybersecurity policy at the White House during the Obama and Trump administrations, told Drew.

An iPhone displays a Facebook page. (Jenny Kane/AP)
PWNED: A server with databases storing more than 400 million Facebook user names and phone numbers was discovered unprotected online recently, TechCrunch’s Zack Whittaker reports. The data appears to have been scraped from Facebook before the social media site stopped making phone numbers publicly available in April 2018 and could put users at increased risk from hackers and phone scammers.
Some of the records also revealed Facebook users’ personal information including names, gender, and country, Whittaker reports. The data included 133 million records of U.S.-based users, 50 million in Vietnam, and 18 million in the United Kingdom.
Facebook confirmed that the data was scraped before it made phone numbers private in 2018, a decision the company made shortly after researchers flagged how vulnerable the feature made users to scammers. “We have seen no evidence that Facebook accounts were compromised,” Facebook spokesman Jay Nancarrow told TechCrunch. The data set was taken down after TechCrunch notified the host.
PUBLIC KEY 
China's President Xi Jinping greets President Trump. (Brendan Smialowski/AFP/Getty Images)
Banning Chinese equipment makers such as Huawei won't be enough to defend next-generation U.S. 5G networks from hacking, former Federal Communications Commission chairman Tom Wheeler is warning lawmakers in a new paper out this week.
“The hyperbolic rhetoric surrounding the Chinese equipment issues is drowning out what should be a strong national focus on the full breadth of cybersecurity risk factors facing 5G,” Wheeler and his co-author, former FCC official David Simpson, write.
The former Obama-era officials also took a dig at President Trump, who has repeatedly suggested he may remove U.S. government restrictions on Huawei as part of a trade deal with China. “We must not confuse 5G cybersecurity with international trade policy,” they write.
Chinese hackers are reverse-engineering hacking tools developed by the NSA to bolster their own cyber arsenal, according to a new report from cybersecurity research firm Check Point.
Check Point researchers aren't the first to spot the use of NSA-like tools by the Chinese, but it was unclear how Chinese hackers were mimicking high-security technology built by U.S. developers. By studying the copycat tools, Check Point researchers figured out that Chinese hackers created a “backdoor” by monitoring machines compromised by the NSA. They then captured data from NSA attacks and reverse-engineered what they found to create a nearly identical tool.
Hacking tools can be time consuming and costly to build, so copycatting rivals' software could give China a competitive edge, the report notes.