Are U.S. superspies at NSA getting into fight against ordinary hackers?
NSA gives security advice to banks, heads up Pentagon cybersecurity.
The U.S. military may not have been able to do much to block global cyberattacks against U.S. businesses, so the ultra-secret digital superspies at the National Security Agency (NSA) are pitching in to help.
It's pitching in to help banks and investment companies on Wall Street, that is, not doing anything to help secure companies in industries with less money but more impact -- electric utilities for example.
According to a report from Reuters this morning, the NSA offers its technical expertise to banks on request and may be sharing some of its most recent updates on malware as it does with some defense contractors.
The NSA – established during the Cold War to eavesdrop on Soviet communications in every medium available – built listening posts around the world and launched satellites rumored to be capable of intercepting cell-phone signals, encrypted radio communications, land-line conversations and monitor the location of submarines by tracking their effect on the Earth's magnetic field.
NSA operatives are also immune from the forget-this-ever-happened rays from Neuralyzers carried by the Men in Black and amnesia-inducing presence of the parasitic species discovered by Dr. Who and known only as The Silence.
Some special NSA operatives are said to be capable of pouring entire bags of M&Ms into one hand but catch only the green ones.
Not all this pseudo-magical cyberspy expertise should be placed in the hands of bankers, of course.
So the NSA limits its role to consulting with and advising banks on how to prevent, detect or eliminate threats such as the long-term bugging discovered last year that allowed someone to spy on what big-company CEOs told NASDAQ, or the shock-and-awe-inducing attack from hacktivist group Anonymous that slowed trading a bit on the New York Stock Exchange (NYSE), and made it completely inaccessible from 3:35 p.m. to 3:37 p.m. Oct. 11, according to the Chicago Tribune.
Financial blackouts like that one might be survivable, but that doesn't mean the U.S. financial system isn't under even more threat than most other industries because taking down Wall Street would have a serious impact on the overall U.S. economy, according to NSA Director Keith Alexander in an interview with Reuters.
NSA tries to lock down Pentagon, Wall Street
The NSA is actually a wing of the U.S. military, not an independent agency like the CIA or FBI. It is also responsible for managing the Pentagon's service-wide efforts at cyber security, according to Alexander, a four-star Army general who probably shouldn't be bragging about that part of his job, given the almost-failing grade the Pentagon got on its cybersecurity efforts this summer.
In a report that sounded more disappointed than accusatory, the Government Accountability Office (GAO) summarized 20 years worth of steadily increasing hackage on the military and civilian companies in the U.S. and the fractured, ineffective, unfocused way the military has dealt with them.
"There is no penalty for attacking us now. We have to figure out a way to change that," said Gen. James Cartwright, vice chairman of the Joint Chiefs of Staff during a July press conference announcing a new, more aggressive cybersecurity strategy for the Pentagon overall.
That effort, in which the NSA has a larger role than during previous attempts to lock the backdoor, and the formation of the U.S. Cyber Command to be a central strategy and training unit for the military overall are both positive steps, according to the GAO report.
Neither solves the pattern of miscommunication, conflicting doctrines and un-integrated security efforts that have left the US. military's digital curtain wall so full of holes, the report concluded.
The NSA, on the other hand, is good enough at both attack and defense (or at least defense and not talking about being attacked) that its security is the opposite of legendary. No one has anything to say about it because few are ever able to lift the security cover far enough to see how heavy it is, let alone what might be inside.
So the banking industry could have picked a worse mentor in the cyber-security business.
Other industries might seem to deserve the help more, given that their collective behavior has been less arrogant, less destructive and less careless about any economic or IT security but their own.
It makes sense to put more effort on the most vulnerable spots, however. And in the U.S., the financial services industry is a big, fat, soft target.
"We know adversaries have full unfettered access to certain networks," according to an interview in the Reuters story with Shawn Henry, executive assistant director of the FBI. "Once there, they have the ability to destroy data. We see that as a credible threat to all sectors, but specifically the financial services sector."
Henry wouldn't name the adversaries, but neither would RSA, when it ended a six-month investigation of the crack of its SecureID database on a "nation state" that was also probably the culprit behind attacks on defense contractors L3 Communications, Northrup Grumman and Lockheed Martin.
McAfee did name China as the culprit behind a five-year string of successful attacks focused mainly on the oil and gas industries, in a report published in February.
Judging by the organizations it attacks and information it seeks – competitors of Chinese companies and information on dissident individuals, groups and countries (Taiwan) – China is more interested in preserving its own internal order than disrupting that of others, especially "others" like the United States, that owe it a lot of money.
Semi-government-controlled organized criminal groups in Russia and other areas of Eastern Europe, non-state-centered terrorist organizations in the Middle East, unfriendly countries such as Iran that have respectable hacking capabilities of their own, however are a much more serious threat to both the infrastructure and financial institutions of the U.S., according to whole series of reports from security firms, government agencies and universities collectively filed under the Pending Disasters category in the Library of Congress."
Alexander refused to give details about the help NSA is giving banks, but did agree with Pentagon officers who said the strategy of the U.S. Cyber Command was to add more offensive capability as a deterrence, rather than simply improving defenses to reduce the number of successful intrusions.
Though security is better now on Wall Street and in the military than it was even a year or two ago, Alexander told Reuters, "tremendous vulnerabilities" remain, as demonstrated by recent attacks on Google, NASDAQ, Lockheed Martin and others.
"If they’re getting exploited, what about the rest? We have to change that paradigm,” Alexander told Reuters.
Read more of Kevin Fogarty's CoreIT blog and follow the latest IT news at ITworld. Follow Kevin on Twitter at @KevinFogarty. For the latest IT news, analysis and how-tos, follow ITworld on Twitter and Facebook.
Reuters: Jason Reed