NSA

The U.S. Defense Department by the end of the calendar year will release an initial zero trust architecture to improve cybersecurity across the department, says Vice Adm. Nancy Norton, USN, director, Defense Information Systems Agency, and commander, Joint Force Headquarters-Department of Defense Information Network.

Norton’s agency, commonly known as DISA, is working with the National Security Agency, the Department of Defense (DOD) chief information officer and others on what she calls an initial “reference” architecture for zero trust, which essentially ensures every person wanting to use the DOD Information Network, or DODIN, is identified and every device trying to connect is authenticated.

The Defense Information Systems Agency (DISA) is working more closely with the intelligence community and is partnering with the National Security Agency (NSA) on a number of cybersecurity-related efforts, officials say.

Government agencies are working together much more effectively as they counter terrorism and state-sponsored attacks in cyberspace. But more remains to be done as adversaries introduce new tactics and capabilities.

A panel comprising the top U.S. intelligence officials reviewed these issues as they closed out the AFCEA/INSA Intelligence & National Security Summit on September 5. Their points ranged from foreign interference in U.S. elections to cooperation—or the lack thereof—from industry with the U.S. government.

The May 7th ransomware attack against Baltimore has crippled much of the local government’s IT infrastructure while holding its network hostage. Not since the March 2018 attacks against Atlanta has a major U.S. city been so digitally impaired.

The subsequent media coverage of Baltimore’s struggle has generated some misplaced criticism of the U.S. government. Initial news reports erroneously claimed that the ransomware leveraged an NSA-developed exploit to compromise Baltimore’s municipal systems. Unfortunately, this snowballed into numerous sources placing blame on the NSA, claiming that they mismanaged their cyber weaponry. 

This is grossly incorrect.

The National Security Agency is now sharing the source code of Ghidra, its reverse engineering tool developed by the agency’s Research Directorate in support of its cybersecurity mission. Ghidra, a suite of software analysis tools, examines complied code using capabilities such as disassembly, assembly, decompilation, graphing and scripting.

Ghidra helps analyze malicious code and malware and improves cybersecurity professionals’ understanding of potential vulnerabilities in their networks and systems. With this release, developers can now collaborate, create patches and extend the tool to fit their cybersecurity needs.

There is not enough skilled talent for the growing need of the cyber community. Based on a state-by-state analysis on cyberchair.org, there are currently 320,000 open cyber jobs in the United States. Projections get worse. According to a CISCO report, by 2020 there will be 1 million unfilled cyber positions worldwide.

“We need to make systemic changes to address that gap,” said Rob Joyce, senior cybersecurity strategy advisor to the director, National Security Agency (NSA), and former cybersecurity advisor to the president.

Never before has there been such an intense focus on data security and privacy. With data breaches increasing exponentially and the European Union’s recent implementation of the General Data Protection Regulation (GDPR), data security has been at the forefront of news stories over the past several months, with both businesses and consumers suddenly paying very close attention. With this increased attention has come an understanding that data continues to exist even when it is no longer needed or used. Due to this newfound understanding and GDPR’s “Right to be Forgotten,” the eradication of data has new urgency and has become critical to a successful data security program.

If you think of the cyber threat as Godzilla, you can see the need for a framework that optimizes limited resources. As the beast attacks the building, those individuals located on the ground floor—for example the architects and engineers—worry about being stepped on by its feet. Those on the next floor up, the systems engineers, see the knees and want protection from being kicked. The next level, the incident responders, see the claws and worry about what those claws can do. Higher in the building, the operators see the shoulders and are focused on how big the threat might be based on the shoulder size. The customers at the top only see teeth and flames.

The U.S. Navy has outsourced geospatial intelligence at sea, delaying its investment in a solution to this core intelligence competency for the afloat commander. The service needs to train its analysts to produce geospatial intelligence and acquire software and hardware for them. A cost-effective systems solution exists, but the lack of commitment to geospatial intelligence holds the Navy back.

After months of uncertainty, President Donald Trump announced today that he has elevated the U.S. Cyber Command to a unified combatant command. In addition, Cyber Command ultimately may be separated from the National Security Agency (NSA).

“This new unified combatant command will strengthen our cyberspace operations and create more opportunities to improve our nation’s defense,” Trump said. “The elevation of United States Cyber Command demonstrates our increased resolve against cyberspace threats and will help reassure our allies and partners and deter our adversaries.”

Editor’s note: Hugh Montgomery, the focus of this article, passed away April 6, just weeks after this SIGNAL interview.

It is just a matter of time before other countries face insider leaks similar to those that have haunted the American intelligence community, said Hugh Montgomery, a former U.S. diplomat and a pioneering intelligence officer who served for more than six decades.

Cybersecurity can no longer be viewed as a technology-only problem and segmented into stovepipes where the U.S. Defense Department carries out one set of tasks; the civilian government another; and industry does its own thing, said Adm. Michael Rogers, USN, director of the National Security Agency (NSA) and commander of U.S. Cyber Command.

“It must be viewed more broadly and must be tackled from a national security perspective,” Adm. Rogers said during a morning West 2017 conference presentation Thursday with Adm. James Stavridis, USN (Ret.), former NATO commander and dean of Tufts University’s Fletcher School of Law and Diplomacy.

Maj. Gen. Mark W. Westergren, USAF, has been assigned as deputy chief, Central Security Service, National Security Agency, Fort George G. Meade, Maryland.

The National Security Agency’s (NSA’s) recently established GitHub presence could become a focal point for releasing new technologies into the open source community. Sharing software could benefit the nation’s cybersecurity while also benefiting businesses and economic growth, officials say.

The National Security Agency’s third annual Best Scientific Cybersecurity Paper competition is now open. Scientific papers must have been published during 2014.

The papers will be judged on scientific merit and the the strength and significance of the work reported. In addition, the paper must exemplify the performance and reporting of cybersecurity scientific research.

The National Security Agency (NSA) is focusing inward and externally as it adopts a new approach to technology policy. This effort ranges from seeking outside partners in technology development to conducting an internal audit to uncover weak points that might bring down the agency.

U.S. intelligence agencies gave administration officials good advance information on Ukraine and the Islamic State in Iraq and the Levant (ISIL) activities before the crises unfolded, according to leaders of the agencies. Yet, inherent limitations prevented them from being able to measure transitional events.

Creating a deterrence strategy in cyberspace similar to the Cold War approach to nuclear weapons is a difficult proposition, according to Gen. Keith Alexander, USA, who commands U.S. Cyber Space Command and is director of the National Security Agency.

 "There is no deterrence model out there analogous to what we had during the Cold War for nuclear détente. If you think about it, there are no rules of the road yet. There are no norms. We don't have all that figured out, so there is no deterrence strategy. In fact, I would posit that it is much more difficult to have a deterrent strategy in cyber space because all countries, nation states and non-nation states, can have these capabilities in cyberspace," says Alexander.

The U.S. Defense Department must secure the cyber domain to protect and defend its own information and U.S. citizens, Gen. Keith B. Alexander, USA, commander of U.S. Cyber Command said today during the opening address of LandWarNet 2010. Gen. Alexander also serves as the director of the National Security Agency. "Every link and system has vulnerabilities that we have to defend," he stated. Gen. Alexander organized his speech by comparing warfare in the past with the movie WarGames and cyberwarfare to the movie The Matrix. In the former movie, as in nuclear warfare, there is no good engagement option because of assured mutual destruction.

It's sometimes difficult to figure out what's the bigger secret - intelligence or the acquisition processes of the organizations that gather it. CIA, NSA, DIA plus 13 more agencies are collectively known as the intelligence community (IC), but that's where most of the similarity ends when it comes to these information hunters and gathers when it comes to purchasing goods, services or "carbon units." One fact is absolutely true and as open source as is possible: small businesses have advocates in IC agencies that fight tooth and nail in their interest. Some of these experts presented valuable secrets as well as common sense about how to capture the IC's business at the AFCEA International Small Business Intelligence Forum.