The titles are not always kind to the National Security Agency, a spy agency that operates almost entirely in the shadows. But a year ago, the NSA launched its new Cybersecurity Directorate, which in the last year has become one of the most visible divisions of the spy agency.
At its core, the direction focuses on the defense and security of critical national security systems that the government uses for its sensitive and classified communications. But the direction has become better known for sharing some of the most emerging cyber threats, on a large scale, from foreign hackers. Last year management warned against attacks intended for secure boot functions on most modern computers, and doxxed a malware operation linked to Russian intelligence. By making it public, NSA aims to make it more difficult for foreign hackers to reuse their tools and techniques by helping to defend critical systems at home.
But six months after management began its work, COVID-19 has been declared a pandemic and a large part of the world – and the United States – has come to a close, urging pirates to change gears and change tactics.
“The threat landscape has changed,” Anne Neuberger, The NSA’s cybersecurity director told TechCrunch Disrupt 2020. “We’re moving into telecommuting, we’re going into new infrastructure, and we’re seeing cyberattacks moving to profit as well,” he said.
Publicly, the NSA recommended on which the video conferencing and collaboration software was secure, and warned about the risks associated with virtual private networks, whose use boomed after the start of the locks.
But behind the scenes, the NSA is working with federal partners to help protect efforts to produce and distribute a vaccine for COVID-19, a fact the U.S. government has called Operation Warp Speed. News of the NSA’s involvement in the operation has been leaked first reported by Cyberscoop. As the world rushes to develop a working COVID-19 vaccine, which experts say is the only long-term way to end the pandemic, the NSA and its British and Canadian partners have gone public with another operation. of Russian intelligence destined to conduct COVID-19 research.
“We’re part of a collaboration across the U.S. government, we each have different roles,” Neuberger said. “The role we play as part of‘ Team America for Cyber ’works to understand foreign actors, who are, in an attempt to steal information from the COVID-19 vaccine – or more importantly, disrupt the information of the vaccine or shake confidence in a given vaccine. “
Neuberger said the protection of pharmaceutical companies developing a vaccine is only one part of the massive supply chain operation going on to get a vaccine to millions of Americans. Ensuring the cybersecurity of government agencies tasked with approving a vaccine is also a priority.
Here’s more to take away from the speech, and you can watch the interview throughout (embedded above).
Because TikTok is a national security threat
TikTok it’s a few days away an app store ban, after the Trump administration earlier this year accused the Chinese-owned company of threatening national security. But the government has been less than next about what specific risks the video sharing application poses, only to allege that the application might be forced to spy for China. Beijing has long been accused of cyber attacks against the United States, including to massive violation of the classified files of government employees by the Office of Personnel Management in 2014.
Neuberger said the “purpose and scale” of the TikTok application’s data collection makes it easier for Chinese spies to answer “all kinds of different intelligence questions” about U.S. citizens. Neuberger acknowledged that American technology companies such as Facebook and Google also collect large amounts of user data. But that there are “bigger concerns about how [China] in particular it could use all that information collected against populations other than soybeans, ”he said.
The NSA privately disclosed security bugs to companies
The NSA is trying to be more open about the vulnerabilities it finds and discloses, Neuberger said. She told TechCrunch that the agency shared a “number” of vulnerabilities with private companies this year, but “those companies did not want to give up.”
An exception was made earlier this year when Microsoft confirmed that the NSA had privately found and reported a major cryptographic flaw in Windows 10, which could have allowed hackers to correct malware by masking it as a legitimate file. The bug was so dangerous that the NSA reported the vulnerability to Microsoft, which fixed the bug.
Just two years ago, the spy agency was criticized for finding and using a Windows vulnerability to make a note instead of warning Microsoft of the defect. Exploitation was then filtered and became accustomed infects thousands of computers with WannaCry ransomware, causing millions of dollars in damage.
As a spy agency, NSA exploits flaws and vulnerabilities in software to gather intelligence about the enemy. He has to go through a process called the Vulnerability Equity Process, which allows the government to conserve bugs that it can use to spy.