NSA

The U.S. Defense Department by the end of the calendar year will release an initial zero trust architecture to improve cybersecurity across the department, says Vice Adm. Nancy Norton, USN, director, Defense Information Systems Agency, and commander, Joint Force Headquarters-Department of Defense Information Network.

Norton’s agency, commonly known as DISA, is working with the National Security Agency, the Department of Defense (DOD) chief information officer and others on what she calls an initial “reference” architecture for zero trust, which essentially ensures every person wanting to use the DOD Information Network, or DODIN, is identified and every device trying to connect is authenticated.

The Defense Information Systems Agency (DISA) is working more closely with the intelligence community and is partnering with the National Security Agency (NSA) on a number of cybersecurity-related efforts, officials say.

Government agencies are working together much more effectively as they counter terrorism and state-sponsored attacks in cyberspace. But more remains to be done as adversaries introduce new tactics and capabilities.

A panel comprising the top U.S. intelligence officials reviewed these issues as they closed out the AFCEA/INSA Intelligence & National Security Summit on September 5. Their points ranged from foreign interference in U.S. elections to cooperation—or the lack thereof—from industry with the U.S. government.

The May 7th ransomware attack against Baltimore has crippled much of the local government’s IT infrastructure while holding its network hostage. Not since the March 2018 attacks against Atlanta has a major U.S. city been so digitally impaired.

The subsequent media coverage of Baltimore’s struggle has generated some misplaced criticism of the U.S. government. Initial news reports erroneously claimed that the ransomware leveraged an NSA-developed exploit to compromise Baltimore’s municipal systems. Unfortunately, this snowballed into numerous sources placing blame on the NSA, claiming that they mismanaged their cyber weaponry. 

This is grossly incorrect.

The National Security Agency is now sharing the source code of Ghidra, its reverse engineering tool developed by the agency’s Research Directorate in support of its cybersecurity mission. Ghidra, a suite of software analysis tools, examines complied code using capabilities such as disassembly, assembly, decompilation, graphing and scripting.

Ghidra helps analyze malicious code and malware and improves cybersecurity professionals’ understanding of potential vulnerabilities in their networks and systems. With this release, developers can now collaborate, create patches and extend the tool to fit their cybersecurity needs.

There is not enough skilled talent for the growing need of the cyber community. Based on a state-by-state analysis on cyberchair.org, there are currently 320,000 open cyber jobs in the United States. Projections get worse. According to a CISCO report, by 2020 there will be 1 million unfilled cyber positions worldwide.

“We need to make systemic changes to address that gap,” said Rob Joyce, senior cybersecurity strategy advisor to the director, National Security Agency (NSA), and former cybersecurity advisor to the president.

Never before has there been such an intense focus on data security and privacy. With data breaches increasing exponentially and the European Union’s recent implementation of the General Data Protection Regulation (GDPR), data security has been at the forefront of news stories over the past several months, with both businesses and consumers suddenly paying very close attention. With this increased attention has come an understanding that data continues to exist even when it is no longer needed or used. Due to this newfound understanding and GDPR’s “Right to be Forgotten,” the eradication of data has new urgency and has become critical to a successful data security program.

If you think of the cyber threat as Godzilla, you can see the need for a framework that optimizes limited resources. As the beast attacks the building, those individuals located on the ground floor—for example the architects and engineers—worry about being stepped on by its feet. Those on the next floor up, the systems engineers, see the knees and want protection from being kicked. The next level, the incident responders, see the claws and worry about what those claws can do. Higher in the building, the operators see the shoulders and are focused on how big the threat might be based on the shoulder size. The customers at the top only see teeth and flames.

The U.S. Navy has outsourced geospatial intelligence at sea, delaying its investment in a solution to this core intelligence competency for the afloat commander. The service needs to train its analysts to produce geospatial intelligence and acquire software and hardware for them. A cost-effective systems solution exists, but the lack of commitment to geospatial intelligence holds the Navy back.