NSA touts role in cyber investigations

The National Security Agency has helped investigate every major cyber intrusion in the private sector in the last six months, Director Adm. Michael Rogers said, adding that he wants that collaboration to get faster and more anticipatory.

"We have got to figure out a way that we can harness the capabilities of NSA to partner with the private sector in the name of defending our nation, because NSA has some amazing technical capabilities in the information assurance arena," Rogers said April 2 at a conference hosted by AFCEA's Washington, D.C., chapter.

Rogers, who also heads U.S. Cyber Command, said the FBI, NSA and other agencies worked well with Sony Pictures Entertainment in investigating the devastating November hack on the film studio, but lamented that the work was post-mortem rather than proactive.

"It can't just be that the only time we interact with each other is when things are going wrong," he said.

Rogers said he envisions the NSA and Cyber Command swiftly sharing cyber-threat indicators with firms, which in turn give the agencies feedback on how well they identified incoming threats. The NSA can help dissect the malware used in attacks on the private sector, then develop security signatures in response, he said. There are "always advanced indicators" of a cyberattack, "well before you get to that offensive, destructive act," he added.

Earlier at the conference, Maj. Gen. Joseph Brendler, director of plans and policy (J-5), at Cyber Command, sounded a similar note of cooperation with the private sector on cyber defense. "I think we're increasingly appreciating the importance of our public-private partnerships and the nuances associated with that," he said, adding, "that has to be founded on the appropriate regulatory framework."

Rogers' statements highlight the NSA's central role in attributing cyberattacks on U.S. assets to specific actors. In making their case that North Korea was responsible for the Sony Pictures hack, FBI officials declined to specify what role the NSA had in the attribution. But after the FBI blamed North Korea publicly in December, Rogers said the NSA fingered North Korea by tracing the malware used in the attack.

NSA's outreach to the private sector could extend to shared facilities. Rogers said he is interested in "[creating] some infrastructure out in the private sector" that Cyber Command could use outside its Fort Meade, Md., headquarters, but did not elaborate. A Cyber Command spokesperson could not be reached to elaborate on any plans for such a facility.

FCW staff writer Adam Mazmanian contributed to this story.