NSA stakes out virtual battlefield
Throwing elbows with a dozen federal agencies
Cyberspace is fast becoming a strategic arena in which America must prepare to do battle with foreign adversaries, the US National Security Agency (NSA) Director, Air Force General Michael Hayden, observed on Monday.
"Information is now a place," Hayden argued during a National Institute of Standards and Technology (NIST) computer security conference in Maryland. "It is a place where we must ensure American security as surely as....sea, air and space."
The virtual battlefield has "taken on a dimension within which we will conduct operations to ensure American security," he said.
However, the "legal structure into which [information operations] must fit" has yet to be moulded into a final form. But, "as the United States begins to think about what it....wants to do when it is under [cyber-] attack, it raises a really interesting question that we all have to work through in context of....democracy," he observed.
Last year the US Joint Chiefs of Staff Chairman, Army General Henry "Hugh" Shelton, confirmed that US forces had mounted limited (and not terribly effective) information attacks against Serb networks during the bombing campaign against Slobo & Co., and without much public, democratic soul-searching.
Because Hayden mentioned that the NSA has yet to receive authorisation to launch a cyber attack, we're left to surmise that the Serb attacks were launched under auspices of the CIA.
Hayden said the NSA is eager to play a defensive role as well, protecting US telecomms networks against attacks from "cyber terrorists, a malicious hacker or even a non-malicious hacker," and in so doing alluded to potential conflicts where purviews might overlap. For example, the CIA and the FBI's National Infrastructure Protection Centre (NIPC) are also motivated by similar defensive obligations.
Because the security establishment tends (often with good reason) to err on the side of secrecy, it's not clear whether there is a duplication of effort and a potential for counter-productive treading on feet here, or whether a clear scheme of who handles what and when has been mapped out.
We hope one has, but according to Hayden, the NSA seems to be all over the place, now cultivating partnerships with the IT industry and e-commerce to improve network security in key areas, matters also of interest to the Department of Justice, the Department of Commerce, the Department of State, the Department of the Treasury, the Federal Communications Commission, the Department of Energy and the General Services Administration, to offer a short list.
This is all well and good so long as a dozen federal agencies, the White House, and those way-sexy unconventional warfare crews and 'X-Divisions' of the Department of Defence, aren't trying to do the same, and working from their own, unique scripts. ®
Sponsored: Global DDoS threat landscape report