The National Security Agency's director of information assurance today said the "way to achieve confidence in cyberspace" is to increase collaboration between the government and the high-tech industry -- remarks that rang ironic given former NSA contractor Edward Snowden's revelations about how NSA works with industry.
NSA documents leaked by Snowden showed that the NSA's goal is to build backdoors into commercial products and weaken encryption to make it easier for surveillance, allegations that the U.S. government has not even tried to refute. When asked about that today, NSA director of information assurance Debora Plunkett, who gave the keynote address at the New York Institute of Technology Cyber Security Conference here, flatly refused to discuss the topic. But her keynote address was intended to get hardware and software vendors to work in ever-closer partnership with the NSA.
Cyberattacks that could take electricity grids offline and disrupt transportation systems are possible, Plunkett said in her keynote, pointing out the destructive attack that hit Saudi Aramco last year and impacted data systems there.
It's a simple matter to hire hacking services to carry out attacks such as denial-of-service, she said, and the fear now is of "integrity attacks" that would destroy or alter critical data. These are all "cyber security challenges," she noted, and the government today is largely dependent on commercial hardware and software for which the NSA itself cannot "provide indemnification." NSA's needs industry's help, she said.
Plunkett said "we have to have a community come together" to collaborate on security in mobility and the cloud especially. The NSA expects that the future of network security lies in "more automated cyber defense" based on "large-scale automation" that would reduce the need for manpower where there would be more real-time sharing of findings. She said there's a need for collaboration with ISPs and hardware companies to achieve all of this. "We have to build a close partnership," she said, adding, there can be "confidence in cyberspace" if "we stay the course."
Plunkett is a 29-year veteran of the NSA who worked her way up through the ranks to have a hand in guiding strategic direction for the agency, which carries out surveillance to help defend the country against cyberthreats.
But NSA documents recently leaked by Snowden show that the NSA views its partnership with industry in part as a way to subvert security in commercial products and services to make cyber-spying easier. This revelation casts NSA's call for industry partnership and its insistence that there can be "confidence in cyberspace" in a questionable light.
There were other presentations made at the Cyber Security Conference today that suggested how cyberattacks are disrupting U.S. businesses.
Sign up for CIO Asia eNewsletters.