The NSA’s Plan: Improve Cybersecurity by Hacking Everyone Else

WHISTLEBLOWING - SURVEILLANCE, 23 Mar 2015

Trevor Timm – The Guardian

The NSA’s plan to protect America by starting cyberwars is absurd. Their argument that they need more power to do it is more so.

The NSA wants more powers to hack whomever it wants. Photograph: Dado Ruvic/REUTERS

The NSA wants more powers to hack whomever it wants. Photograph: Dado Ruvic/REUTERS

21 Mar 2015 – The National Security Agency want to be able to hack more people, vacuum up even more of your internet records and have the keys to tech companies’ encryption – and, after 18 months of embarrassing inaction from Congress on surveillance reform, the NSA is now lobbying it for more powers, not less.

NSA director Mike Rogers testified in front of a Senate committee this week, lamenting that the poor ol’ NSA just doesn’t have the “cyber-offensive” capabilities (read: the ability to hack people) it needs to adequately defend the US. How cyber-attacking countries will help cyber-defense is anybody’s guess, but the idea that the NSA is somehow hamstrung is absurd.

The NSA runs sophisticated hacking operations all over the world. A Washington Post report showed that the NSA carried out 231 “offensive” operations in 2011 – and that number has surely grown since then. That report also revealed that the NSA runs a $652m project that has infected tens of thousands of computers with malware.

And that was four years ago – it’s likely increased significantly. A leaked presidential directive issued in 2012 called for an expanded list of hacking targets all over the world. The NSA spends ten of millions of dollars per year to procure “‘software vulnerabilities’ from private malware vendors” – ie, holes in software that will make their hacking much easier. The NSA has even created a system, according to Edward Snowden, that can automatically hack computers overseas that attempt to hack systems in the US.

Moving further in this direction, Rogers has also called for another new law that would force tech companies to install backdoors into all their encryption.The move has provoked condemnation and scorn from the entire security community – including a very public upbraiding by Yahoo’s top security executive – as it would be a disaster for the very cybersecurity that the director says is a top priority.

And then there is the Cybersecurity Information Sharing Act (Cisa) the downright awful “cybersecurity” bill passed by the Senate Intelligence Committee last week in complete secrecy that is little more than an excuse to conduct more surveillance.The bill will do little to stop cyberattacks, but it will do a lot to give the NSA even more power to collect Americans’ communications from tech companies without any legal process whatsoever. The bill’s text was finally released a couple days ago, and, as EFF points out, tucked in the bill were the powers to do the exact type of “offensive” attacks for which Rogers is pining.

While the NSA tries to throw every conceivable expansion of power against the wall hoping that something sticks, the clock continues to tick on Section 215 of the Patriot Act – the law which the spy agency secretly used to collect every American’s phone records. Congress has to re-authorize by vote in June or it will expire, and as Steve Vladick wrote on Just Security this week, there seems to be no high-level negotiations going on between the administration and Congress over reforms to the NSA in the lead-up to the deadline. Perhaps, as usual, the NSA now thinks it can emerge from yet another controversy over its extraordinary powers and still end up receiving more?

Go to Original – theguardian.com

 

Share this article:


DISCLAIMER: The statements, views and opinions expressed in pieces republished here are solely those of the authors and do not necessarily represent those of TMS. In accordance with title 17 U.S.C. section 107, this material is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. TMS has no affiliation whatsoever with the originator of this article nor is TMS endorsed or sponsored by the originator. “GO TO ORIGINAL” links are provided as a convenience to our readers and allow for verification of authenticity. However, as originating pages are often updated by their originating host sites, the versions posted may not match the versions our readers view when clicking the “GO TO ORIGINAL” links. This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available in our efforts to advance understanding of environmental, political, human rights, economic, democracy, scientific, and social justice issues, etc. We believe this constitutes a ‘fair use’ of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml. If you wish to use copyrighted material from this site for purposes of your own that go beyond ‘fair use’, you must obtain permission from the copyright owner.


Comments are closed.