NSA chief downplays cybersecurity power grab reports

(Credit: CNET/Declan McCullagh)

SAN FRANCISCO--The director of the National Security Agency on Tuesday downplayed reports of the NSA's attempt to wrest control of cybersecurity responsibilities from rival federal agencies.

"We do not want to run cybersecurity for the U.S. government," Lt. Gen. Keith Alexander said at the RSA security conference here.

Instead, Alexander said, the Department of Homeland Security should continue to oversee Internet and computer security for civilian agencies, while the NSA would provide that service for military agencies.

Alexander's remarks come during a 60-day review of the federal government's cybersecurity efforts ordered by President Obama that could end with responsibilities being reshuffled between agencies. Melissa Hathaway, who worked for the director of national intelligence in the Bush administration and is conducting the review, is scheduled to give a public talk on Wednesday.

The announcement of the review led to speculation that the White House's National Security Council or NSA would be handed more cybersecurity responsibilities, along with a larger budget to carry them out. Although the 2002 law creating DHS centralized cybersecurity responsibilities, it has been repeatedly criticized by government auditors who concluded that DHS failed to live up to its responsibilities and may be "unprepared" for emergencies.

On Tuesday, Alexander did note that the NSA "has tremendous technical abilities" and suggested that crisis management might benefit from centralization. "The question is: What happens in a time of crisis? We don't have a way of seeing and sharing networks today in a timely manner."

Much of Alexander's remarks appeared to be a response to Rod Beckstrom, former director of Homeland Security's National Cybersecurity Center, whose resignation letter last month blasted what he described as an NSA power grab that could threaten "our democratic processes." That led some members of Congress -- including the Democratic chairman of the House Homeland Security Committee -- to object to NSA control, which Clinton-era FBI director Louis Freeh echoed a day later.

Other topics of discussion at the RSA conference included cyberattacks by foreign governments--a Wall Street Journal report on Tuesday said some sensitive files related to the Pentagon's Joint Strike Fighter Project had been electronically viewed--and the recent Conficker worm.

On Tuesday, Robert Lentz, chief information assurance officer for the Department of Defense, said the agency is attempting to protect 15,000 networks, 7 million computers, and 1.1 billion Defense Department Internet users worldwide. There are 360 million probes targeted at Defense Department networks each day, compared to the 1 million probes an average major U.S. bank gets per month, he said.

"2009 is the tipping point," Lentz said. "The reality is the bad guys are going to be in our networks," and officials have to figure out how to best detect and contain the threats, he said.

High-level officials understand the seriousness of cyberthreats and understand that "airplanes can't fly if the network is down," he said. "The biggest challenge is turning geek-speak into things they can understand."

The department has a lot of work to do to change the network protection policy from one based on bolting together disparate security tools to one where protective tools are interoperable and integrated, according to Lentz.

Within the next week or so the agency expects to have an identity assurance strategy that will include biometrics for authenticating identity of network users and identification of devices like routers and switches, he said.

Asked after his talk if he believed reports that Chinese cyber spies had infiltrated the department's network, Lentz said "probably."

CNET's Elinor Mills contributed to this report.

[n3td3v]

"probably"

Not a yes or a no, just a probably.

Sounds like they've got no evidence and are just pointing fingers for a political agenda.

[Commander_Spock]

Re: "[... High-level officials understand the seriousness of cyberthreats and understand that "airplanes can't fly if the network is down," he said. "The biggest challenge is turning geek-speak into things they can understand."...]"; perhaps, what should be added to this is that "Space Vehicles" (both military and civilian) cannot leave their launch pads.

Well, in any case; and, if not for nothing else the Russians must be finding some "level of comfort" with the OS/2 Operating System that they are depending on to run their systems.

http://en.ecomstation.ru/solutions/?action=solutions

The question is: Why would anyone wish to employ systems like those of the Linux OSes that every kid out of high school knows about their "innards"!!!

[cohaver]

Windows OS has more holes in then Swish Cheese Remember it employs a large number of Foreign workers . Trusting any OS is stupid Testing hacking and breaking into a network or Software should be done daily to remove as many weakness as possible. Teams pitting NSA Against DHS to Secure our Networks Should be done at highest level . It better we find our weakness than someone else.

[Commander_Spock]

Re: "Teams pitting NSA Against DHS to Secure our Networks Should be done at highest level . It better we find our weakness than someone else...."

While this idea might be a good one.... just when is the "country's economy" (around which all else revolve) going to be fixed?

[Commander_Spock]

One more thing; re: "[... pitting NSA Against DHS to Secure our Networks....]"

With the U. S. Military bringing plenty of experience to the "table" through exposure to diverse international cultural and other factors then how will the NSA-DHS Vacuum Chamber be enhanced/strengthened without the very involved/active participation of the U. S. Military and those

[Commander_Spock]

This should read: "With the U. S. Military bringing plenty of experience to the "table" through exposure to diverse international cultural and other social and economic factors.... then how will the NSA-DHS Vacuum Chamber be enhanced/strengthened without the very involved/active participation of the U. S. Military and those friendly foreign countries around the world.