NSA touts role in cyber investigations
- By Sean Lyngaas
- Apr 02, 2015
National Security Agency Director Adm. Michael Rogers called for closer and more rapid collaboration with the private sector in investigating cyber intrusions.
The National Security Agency has helped investigate every major cyber intrusion in the private sector in the last six months, Director Adm. Michael Rogers said, adding that he wants that collaboration to get faster and more anticipatory.
"We have got to figure out a way that we can harness the capabilities of NSA to partner with the private sector in the name of defending our nation, because NSA has some amazing technical capabilities in the information assurance arena," Rogers said April 2 at a conference hosted by AFCEA's Washington, D.C., chapter.
Rogers, who also heads U.S. Cyber Command, said the FBI, NSA and other agencies worked well with Sony Pictures Entertainment in investigating the devastating November hack on the film studio, but lamented that the work was post-mortem rather than proactive.
"It can't just be that the only time we interact with each other is when things are going wrong," he said.
Rogers said he envisions the NSA and Cyber Command swiftly sharing cyber-threat indicators with firms, which in turn give the agencies feedback on how well they identified incoming threats. The NSA can help dissect the malware used in attacks on the private sector, then develop security signatures in response, he said. There are "always advanced indicators" of a cyberattack, "well before you get to that offensive, destructive act," he added.
Earlier at the conference, Maj. Gen. Joseph Brendler, director of plans and policy (J-5), at Cyber Command, sounded a similar note of cooperation with the private sector on cyber defense. "I think we're increasingly appreciating the importance of our public-private partnerships and the nuances associated with that," he said, adding, "that has to be founded on the appropriate regulatory framework."
Rogers' statements highlight the NSA's central role in attributing cyberattacks on U.S. assets to specific actors. In making their case that North Korea was responsible for the Sony Pictures hack, FBI officials declined to specify what role the NSA had in the attribution. But after the FBI blamed North Korea publicly in December, Rogers said the NSA fingered North Korea by tracing the malware used in the attack.
NSA's outreach to the private sector could extend to shared facilities. Rogers said he is interested in "[creating] some infrastructure out in the private sector" that Cyber Command could use outside its Fort Meade, Md., headquarters, but did not elaborate. A Cyber Command spokesperson could not be reached to elaborate on any plans for such a facility.
FCW staff writer Adam Mazmanian contributed to this story.
Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.
Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.
Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.