By Joseph Marks
The sign outside the NSA campus in Fort Meade, Md. Patrick Semansky/AP)
The NSA is the U.S. government’s premier digital spying agency and it has a well-earned reputation for keeping secrets. But the agency needs to stop keeping so many things confidential and classified if it wants to protect the nation from cyberattacks.
That’s the assessment from Anne Neuberger, director of NSA’s first Cybersecurity Directorate, which will launch Oct. 1 and essentially combine the work of many disparate NSA divisions dealing with cybersecurity, including its offensive and defensive operations.
The directorate's mission is to “prevent and eradicate” foreign hackers from attacking critical U.S. targets including election infrastructure and defense companies, Neuberger said yesterday during her first public address since being named to lead the directorate in July.
Neuberger acknowledged the difficulty of her mission during an onstage interview at the Billington Cybersecurity Summit, but also said the growing hacking threats from Russia, China and other U.S. adversaries mean the nation “must” achieve it.
“The nation needs it … the threat demands it and the nation deserves that we achieve it,” Neuberger said.
That mission also means, however, that NSA, which was once colloquially known as “no such agency” and has traditionally kept mum to protect its own hacking operations and secret sources, must start sharing more threat data with cybersecurity pros in the private sector, she said. And the NSA will have to share that information far more quickly than it has in the past when many recipients hcomplained that, by the time they get the information, it's no longer useful, she said.
In some instances, the agency will have to look for “creative approaches” to share that information, Neuberger told reporters after her talk.
For instance, the agency may look for ways to present cybersecurity threat information so it can’t be traced back to the person or group that shared it, she said. Or the agency may look for cybersecurity companies that have the same information but from a different source and highlight those reports.
The new directorate is, in part, an acknowledgement that over the course of several previous reorganizations the spying agency hasn't focused enough on protecting U.S. organizations from foreign cyberattacks, NSA chief Gen. Paul Nakasone told the Wall Street Journal when he announced the new direcorate in July.
Neuberger learned how vital it is to share information about hacking threats during the run-up to the 2018 midterm elections when she was co-leader of an election security task force that combined the work of NSA and U.S. Cyber Command, the military’s hacking wing.
“A particular lesson was that we have to proactively work with private-sector partners, for example social media companies … to help them understand what they're up against,” she said.
In that effort, which NSA wants to repeat in 2020, the agency frequently shared information about hacking operations and social media influence operations with the FBI, which then passed the information along to social media companies and others to help them defend themselves, she said.
“Those companies have to invest in the problem themselves … but, when they're up against a nation-state, there are some insights and information that we should share … to enable them to look for that information on their platforms and shut it down,” she said.
In addition to safeguarding the 2020 elections, Neuberger said, the Cybersecurity Directorate will focus heavily on protecting defense companies, which have been extensively targeted by Chinese hackers looking to copy U.S. advances in military technology.
The directorate will also focus on disrupting foreign ransomware rings, she said, which lock up organizations’ computer files and refuse to release them until the victims pay a ransom.
Ransomware attackers have increasingly been targeting specific industries, she said, and the NSA is worried U.S. adversaries could try to use ransomware to disrupt the 2020 elections by locking up some vital systems on Election Day.
Russian President Vladimir Putin.(Alexei Nikolsky, Sputnik, Kremlin Pool Photo via AP)
“The gathering marked the first such meeting involving industry and government of its size this year to address 2020 election security,” Tony and Ellen reported, though sources were relatively tight lipped about specific topics they discussed.
Facebook’s head of cybersecurity policy, Nathaniel Gleicher, said the discussions focused on ways to “improve how we share information and coordinate our response to better detect and deter threats,” my colleagues reported.
The meeting comes roughly three years after Russia used an army of social media bots to spread misinformation about the 2016 election and as social media companies are facing a slew of new threats, including “deepfake” videos and inauthentic activity linked to China and Iran as well as Russia, my colleagues note.
A comparison of an original and deepfake video of Facebook CEO Mark Zuckerberg. (Elyse Samuels/The Washington Post)
An iPhone displays a Facebook page. (Jenny Kane/AP)
China's President Xi Jinping greets President Trump. (Brendan Smialowski/AFP/Getty Images)