Cybersecurity

NSA chief wary of proxies

Admiral Michael Rogers speaking at George Washington University on May 11, 2015.

At a May 11 appearance at George Washington University, Adm. Michael Rogers, head of the NSA and Cyber Command, said nation-states might increasingly turn to proxies for cyberattacks. (Photo by Sean Lyngaas)

As the U.S. government’s ability to pinpoint the source of cyber behavior grows more precise, nation-states could increasingly turn to proxies to carry out attacks, according to National Security Agency Director Adm. Michael Rogers.

“One of the trends I look for increasingly in the future … [is] do you see nation-states start to look for surrogates as a way to overcome our capabilities in attribution?” Rogers said May 11 in remarks at a cybersecurity event at George Washington University.

U.S. officials consider accurate attribution, which is supported by the NSA’s vaunted cyber capabilities, to be an important method of deterring cyberattacks. Rogers has said publicly that the NSA’s software analysis identified North Korea as the perpetrator of the large-scale hack of Sony Pictures Entertainment in November.

Rogers, who is also head of U.S. Cyber Command, said at GW that it was important for the U.S. to promptly identify the culprit of the Sony Pictures hack and to talk publicly about possible responses to the attack, as President Barack Obama did when he vowed to respond to the digital siege of the movie studio “in a place and time and manner that we choose.” Rogers added that he “didn’t want anyone drawing the conclusion … [that] perhaps this is within the realm of the acceptable.”

Nonetheless, attribution in cyberspace can be very difficult because adversaries have myriad ways of hiding their tracks.

While nation-states have always been capable of creatively masking their footprints, there has been little incentive for them to do so because retribution from victims of cyberattacks has been rare, according to Tony Cole, vice president and global government CTO at FireEye.

“If real cyber norms get established between nations and they include extradition agreements for violations, then we can expect to see higher levels of sophistication across the board to further muddy the attribution waters,” he told FCW.

Rogers also touched on another key component of the U.S. government’s cyber deterrence strategy: the ability to launch attacks. Referring to what he said was the offensive component of the cyber strategy Defense Secretary Ashton Carter unveiled last month, Rogers said, “We think it’s important that potential adversaries out there know that this is part of our strategy.”

About the Author

Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.

Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.

Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.


Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.