An interesting statement came from a National Security Agency (NSA) employee last week. According to a DailyTech article, the NSA is switching its computer security mindset from defense to the realization that the bad guys will get in.
Debora Plunkett, NSA’s director of the U.S. Information Assurance Directorate, said, “There’s no such thing as ‘secure’ any more. The most sophisticated adversaries are going to go unnoticed on our networks. We have to build our systems on the assumption that adversaries will get in. We have to, again, assume that all the components of our system are not safe, and make sure we’re adjusting accordingly.”
This is a change in policy from trying to keep people out to monitoring and limiting the damage done when they do get in. And get in they have: numerous reports of large corporate, government, and military breaches have made headline news over the years. Foreign governments, terror organizations and nation states have made it a priority to compromise American security and gain as much intel as possible.
The U.S. has been under increasing digital attack from foreign intelligence agencies, including China and North Korea. Foreign spies have infiltrated defense contractors and retrieved information from lost U.S. government hardware. Deputy Defense Secretary William Lynn, in the September/October issue of the journal Foreign Affairs, estimated that at least 100 foreign intelligence agencies are trying, night and day, to hack into U.S. government systems. He says that many of these agencies have the sophistication to succeed, at least some of the time, in their plots.
China alone has the manpower to unleash thousands of hackers against a single target. And many feel that foreign powers already have access to critical infrastructure systems. According to Mike McConnell (NSA chief from 1992 to 1996), “[There is not a major computer system of consequence] that is not penetrated by some adversary that allows the adversary, the outsider, to bleed all the information at will.”
What we will probably see is more monitoring and backdoors in software and hardware devices. Things like Lawful Intercept in Cisco routers are well known. Allegations have also been made that the FBI placed several backdoors in OpenBSD:
“… a former government contractor named Gregory Perry came forward and told him that the FBI had put a number of back doors in OpenBSD’s IPsec stack, used by VPNs to do cryptographically secure communications over the Internet.”
The biggest fear is overreaction, like the TSA’s full-body scanners. More security is a good thing, as long as it does not continue to erode our personal privacy and freedom.