New NSA Chief expects attacks attempting to damage, destroy critical infrastructure

Officials and experts talk privacy, security and cyberattacks at Reuters Cybersecurity Summit.

Were you hoping a new NSA director might help turn the tide in a way that would be good for privacy? If his early comments are any indication, then you'll likely be disappointed. In his first interview since taking over at the NSA and U.S. Cyber Command, Admiral Mike Rogers pledged to be more "candid with the public." He added that "the debate about privacy and spying was a worthy one that echoed concerns at the founding of the country about the rights of individuals versus the powers of the government." Yet Rogers "staunchly defended the NSA's controversial electronic surveillance programs, emphasizing that they were legal and needed better explanation rather than an overhaul."

Rogers is one among a long list of security officials and experts who will speak at the Reuters Cybersecurity Summit in Washington. When talk turned to Edward Snowden and what the former NSA contractor stole and then leaked, Rogers said most of it had "nothing to do with privacy rights or actions that NSA does or does not take involving citizens of the United States."

Unsurprisingly, former NSA and CIA director Michael Hayden can't wrap his head around the right to privacy. Hayden stated, "I could make a case that the German reaction (to Snowden's revelations) was unwarranted. I could never make a case that it was not sincere. Germans view privacy the way we view free speech or freedom of religion. We did not deeply enough appreciate the difference in values." Who says privacy is not highly valued by Americans too?

Peter Swire, Law and Ethics Professor at Georgia Tech, has tackled some tough topics in the past, such as facial recognition vs. Fourth Amendment. This time, Swire told Reuters, "Cybersecurity was tough to pass before Snowden. It's much tougher now. I don't believe Congress is going to vote for a massive increase in information sharing at the same time that it is voting to end bulk data collection."

Meanwhile, Brigadier General Paul Nakasone, Deputy Commander of U.S. Army Cyber Command, seemed disgusted by lazy admins when he said, "Eighty percent of the intrusions of your networks today can be handled by patches, anti-virus and user actions. We spend 90 percent of our time on the 80 percent of the issues that could be handled by good hygiene."

Admiral Rogers declined to comment upon how long he might head up the NSA and U.S. Cyber Command, but he expects destructive electronic assaults to hit the U.S. while he is at the helm. He referenced the attack on Saudi Arabia's Aramco that wiped data from thousands of its computers, before saying:

"I fully expect that during my tenure as commander of the U.S. Cyber Command there will be offensive activity directed against critical infrastructure of the United States designed to damage, destroy, or manipulate" data or equipment.

Iranian hackers launch increasingly sophisticated cyber-espionage attacks

That brings us to Operation Saffron Rose and the latest report (pdf) from FireEye Labs about Iranian-based hacker groups launching increasingly sophisticated cyber espionage attacks against U.S. defense companies. An Iranian hacker group known as the Ajax Security Team, which took part in website defacements back in 2010, is now using "at least one malware family that is not publicly available" to attack "perceived enemies of Iran" in the U.S. as well as to target domestic users of anti-censorship technology. In a place like Iran, silencing political dissent could easily mean killing the people behind those voices.

FireEye has evidence that the Ajax hackers used social engineering tactics like phishing emails and social media messages to trick users into visiting a fake website tainted with malware. Ajax infected U.S. defense companies and used "Stealer" to record keystrokes and encrypt data stolen from compromised computers.

"There is a considerable grey area between the cyber espionage capabilities of Iran's hacker groups and any direct Iranian government or military involvement," FireEye reported. "We assess that if these actors continue the current pace of their operations they will improve their capabilities in the mid-term."

At the Reuters Cybersecurity Summit, Leonard Moodispaw, CEO of cybersecurity firm KEYW Corp, whose biggest customers are U.S. intelligence agencies, said that "for now, Iranian hackers appeared to be increasingly spying and stealing money but not launching Stuxnet-like destructive attacks. 'They are more interested in IP and taking money than in shutting anybody down'."

Follow me on Twitter @PrivacyFanatic
