Archive for the ‘NSA’ Category

LSU Partners With Louisiana Ports To Tackle Cybersecurity … – The Waterways Journal

Louisiana State University (LSU) and five Louisiana ports have forged a partnership to develop a pipeline of cybersecurity talent and technology in support of the state and the nations critical infrastructure. The collaboration, which grew out of the schools Scholarship First Agenda, brings together the universitys burgeoning cybersecurity expertise with the river ports of Greater Baton Rouge, South Louisiana, New Orleans and St. Bernard, along with Port Fourchon, the states leading coastal energy port.

The memorandum of understanding between LSU and the ports makes the university their official academic research partner. Under the plan, LSU students and faculty will work with the ports to tackle both current and emerging cyber issues. The partnership could include the development of cybersecurity testbeds, or controlled cyber environments that allow for experimentation, along with joint research and broader collaboration with state and federal security and law enforcement agencies. According to the announcement from LSU, the partnerships primary goal will be to create a pipeline of homegrown cyber talent for Louisiana.

The agreement builds on LSUs designation in 2022 as a Center of Academic Excellence in Cyber Operations by the National Security Agency (NSA).

Like our students and research expertise, Louisianas port system impacts every corner of the state and has national and global reach, LSU President William Tate said. The Scholarship First Agenda elevates domains that meet citizens most pressing needs and define Louisianas role in the world. These areasagriculture, biomedicine, coast, defense (including cybersecurity) and energyall converge in Louisianas ports. Our designation last year by the [NSA] as a Center of Academic Excellence in Cyber Operations, or CAE-CO, positions us as one of the best and most technical cybersecurity schools in the country, and were now connecting our talented students and experts with our friends here at Louisianas ports to tackle cybersecurity and critical infrastructure challenges across Louisiana.

Sign up for Waterway Journal's weekly newsletter.Our weekly newsletter delivers the latest inland marine news straight to your inbox including breaking news, our exclusive columns and much more.

The critical nature of Louisianas ports, specifically the five that are part of the LSU cybersecurity partnership, is clear. The ports of Greater Baton Rouge, South Louisiana, New Orleans and St. Bernard comprise the largest port complex in the world. Overall, 20 percent of all jobs in Louisiana rely on the states ports.

The Port of Greater Baton Rouge ranks eighth in total tonnage nationally and handles a wide range of commodities, including asphalt, coal, coffee, forest products, biomass, chemicals, oats, pipes, steel and sugar.

As one of the countrys top ports in total tonnage, we pride ourselves in our ability to adapt to emerging needs, said Jay Hardman, executive director of the Port of Greater Baton Rouge. From our docks, we have direct lines of sight to both the Capitol and LSUs campus, so we are well-positioned and excited to work with this group on cybersecurity challenges and talent development.

The Port of South Louisiana is the second largest port in the Western Hemisphere by tonnage and the nations leading grain port. More than 60 percent of U.S. grain exports leave through the Port of South Louisiana, along with 100 million tons of petrochemical products exported annually. Both agricultural products and petrochemicals have national security and global security significance.

The commerce that happens along the Lower Mississippi River at the Port of South Louisiana is intertwined with the national security of the United States, Port of South Louisiana CEO Paul Matthews said. This partnership with LSU and our sister ports will ensure that our states infrastructure and assets are protected in this ever-evolving cybersecurity landscape.

In New Orleans, cybersecurity concerns extend to cruise ship traffic and container handling, in addition to bulk cargo ships, cargo handling and towboat and tugboat traffic. The Port of New Orleans operates the states only international container terminal and the nations sixth largest cruise business.

Louisianas maritime assets create jobs and connect our state to global markets, and the Port of New Orleans is proud to partner with LSU and all Louisianas deepwater ports to raise the cybersecurity bar to ensure the highest levels of protection of our critical port infrastructurenow and into the future, said Brandy Christian, president and CEO of the Port of New Orleans.

The only deep draft slackwater slip on the Lower Mississippi River is located within St. Bernard Port, which employs close to 20 percent of St. Bernard Parish. The port sees an annual average of more than 10 million tons of cargo move through its terminals.

Given our unique position as a primary bulk handler of everything from metals for advanced manufacturing to fertilizer for our national and state food producers, as well as the only place on the Lower Mississippi with a deepwater slip, we fully recognize the importance of cybersecurity and protecting these assets, said Drew Heaphy, executive director of St. Bernard Port. We appreciate the opportunity to participate and look forward to working closely with LSU on talent development and retention and projects critical to our operations.

Along the coast, almost all of the Gulf of Mexicos offshore energy production and one-sixth of the nations oil supply are serviced by Port Fourchon in Lafourche Parish.

Our agency has a rich history as a leader in cybersecurity-related affairs, as do the other ports we are joined with today for this announcement, said Chett Chiasson, executive director of the Greater Lafourche Port Commission. We look forward to assisting with this worthwhile endeavor moving forward because we understand how vital cybersecurity is, for not only our region, but our nation.

Besides the pipeline for expertise the partnership will foster, it will also enable LSU and partner ports to work with federal and other research groups in the fields of defense, homeland security and intelligence. LSU, which already operates student-run Security Operations Centers at its Baton Rouge and Shreveport campuses, will also offer threat intelligence and incident response for ports and the states cyber emergency response efforts.

See the original post:
LSU Partners With Louisiana Ports To Tackle Cybersecurity ... - The Waterways Journal

NSA Pushes Eavesdropping Law, Hits TikTok, Braces for AI-Boosted Attacks – Defense One

NSA leaders are fighting to persuade Congress to renew a controversial law that cuts red tape for intelligence agencies eavesdropping on foreign actors but which has also been improperly used hundreds of times to collect data on Americans.

So FISA Section 702 is up for renewal this year. And it is a vital source of intelligence. It is an authority that lets us do collection against a known foreign entity who chooses to use U.S. infrastructure, Rob Joyce, the National Security Agencys cybersecurity director, said Tuesday during a Center for Strategic and International Studies event. It makes sure that we don't afford the same protections to those foreign malicious actors who are on our infrastructure as we do the Americans who live here.

Section 702 of the Foreign Intelligence Surveillance Act, or FISA, gives the U.S. government the ability to digitally spy on foreign targets outside of the U.S. without a warrant. But civil-liberties groups have documented hundreds of times that U.S. citizens social-media interactions, phone calls, and emails have accidentally been gathered in 702-related surveillance. New America calls such violations inadvertent or unintentional yet extremely concerning because they reveal systemic problems that result from the scope and complexity of the Section 702 surveillance program. Even the court that oversees FISA cases has noted violations.

But supporters of the law describe it as integral to intelligence and law enforcement efforts. Section 702 is set to expire and is up for reauthorization this year with an expected debate to come. And NSA plans to advocate hard for keeping it, Joyce said.

I can't do cybersecurity at the scope and scale we do it today without that authority, and so we'll be working hard with Congress, with the administration, with our partners at FBI and others, DOJ, to figure out how we get 702 reauthorized. It's really vital.

New privacy laws, as well as privacy provisions in cybersecurity laws, are complicating things as well. The standards advanced in the European Unions five-year-old General Data Protection Regulation, or GDPR, have presented some roadblocks for intelligence agencies.

There were second-order effects that we didn'tI won't say we didn't appreciate, because there were people sounding the alarm. They were not fully considered in the weight of that, Joyce said.

For example, it became more difficult to force internet registries to disclose who owns a domain name.

The default was you couldn't know that thing. And so cybersecurity researchers all over the world lost the ability to follow connectivity between banned domains. So we've got to think about second-order reflections, Joyce said. There is a need for data privacy, but we've got to have rational connectivity to the rule of law processes that still makes cybersecurity effective.

TikTok and ChatGPT: our friendly AI overlords?

Joyce said the concern with TikTok isnt potentially exposing personal data of a subset of individuals but the possibility that the Chinese government could access every bit of metadata the platform gathers.

Do I think if I loaded TikTok on my phone, they're going to get to all the other sensitive things through that TikTok app tomorrow? Probably not. The cost of exposing to TikTok in that way to exploit one or a small set of users probably isn't worth it. But all the data, the metadata, that they do collect, that goes back to big servers, accessible to Chinathat's a problem, Joyce said.

TikTok CEO Shou Chew, who faced intense questioning from Congress last month, pledged that the app would remove U.S. users non-public data to servers that can only be accessed by U.S.-based employees. But the NSA cyber director said, echoing lawmakers' concerns, that even the algorithms pose a threat.

The idea that they own the algorithms that promote or suppress the content. That's a huge problem when you have millions upon millions of eyes consuming the content, and they can dial up something that is divisive, or they can dial down something that is threatening to the PRC. That's the advantage, he said.

ChatGPT, which holds some promise to improve daily operations in the Pentagon, also poses concern to cybersecurity, particularly when it comes to crafting more sophisticated phishing messages.

The technology's impressive. It is really sophisticated, Joyce said. Is it going to, in the next year, automate all of the attacks on organizations? Can you give it a piece of software and tell it to find all the zero-day exploits for it? No, but what it will do is it's going to optimize the workflow. It's going to really improve the ability for malicious actors who use those tools to be better or faster.

That includes phishing or fraud messages that read more like native English-language speakers.

And in the case of the malicious foreign actors, it will craft very believable native-language English text, that could be part of your phishing campaign or your interaction with a person or your ability to build a backstoryall the things that will allow you to do those activities or even malign influencethat's going to be a problem, Joyce said.

AI will also help certain hackers reach a new level, he said.

Is it going to replace hackers and be this super AI hacking? Certainly not in the near term, but it will make the hackers that use AI much more effective and they will operate better than those who don't, he said.

Read the original here:
NSA Pushes Eavesdropping Law, Hits TikTok, Braces for AI-Boosted Attacks - Defense One

AI tools like ChatGPT likely to empower hacks, NSA cyber boss warns – C4ISRNET

WASHINGTON Generative artificial intelligence that fuels products like ChatGPT will embolden hackers and make email inboxes all the more tricky to navigate, according to the U.S. National Security Agency cybersecurity director.

While much-debated AI tools will not automate or elevate every digital assault, phishing scheme or hunt for software exploits, NSAs Rob Joyce said April 11, what it will do is optimize workflows and deception in an already fast-paced environment.

Is it going to replace hackers and be this super-AI hacking? Certainly not in the near term, Joyce said at an event hosted by the Center for Strategic and International Studies think tank. But it will make the hackers that use AI much more effective, and they will operate better than those who dont.

U.S. officials consider mastery of AI critical to long-term international competitiveness whether thats in defense, finance or another sector. At least 685 AI projects, including several tied to major weapons systems, were underway at the Pentagon as of early 2021.

With enough training, the technology can handle menial tasks, such as answering questions and digging up contact information, or augment military operations by parsing tides of incoming information and facilitating exploration of areas deemed too dangerous for troops.

Something as sophisticated as OpenAIs ChatGPT, Joyce said Tuesday, can be used to craft very believable native-language English text that can then be applied to phishing attacks or foreign influence campaigns. ChatGPT is capable of holding humanlike conversations with enough prompting, and it can provide content like poetry, essays or computer code within seconds.

Thats going to be a problem, Joyce said.

OpenAI CEO Sam Altman has acknowledged potential risks, telling ABC News in March that he worries about how these models could be used for large-scale disinformation and could be used for offensive cyberattacks. He also sought to explain its guardrails, meeting with lawmakers earlier this year to demystify the product.

ChatGPT logged more than 1 million users within a week of its late-2022 launch. The application is thought to be the fastest growing in history, outpacing TikTok and Instagram to 100 million active monthly users.

Colin Demarest is a reporter at C4ISRNET, where he covers military networks, cyber and IT. Colin previously covered the Department of Energy and its National Nuclear Security Administration namely Cold War cleanup and nuclear weapons development for a daily newspaper in South Carolina. Colin is also an award-winning photographer.

Read the rest here:
AI tools like ChatGPT likely to empower hacks, NSA cyber boss warns - C4ISRNET

US tech firms should wargame response if China invades Taiwan, warns NSA cybersecurity chief – Breaking Defense

Global, Networks / Cyber

WASHINGTON Russias invasion of Ukraine last year sent American tech firms scrambling to shore up their operations, especially those with workers in danger zones. But a Chinese invasion of Taiwan would have even more chaotic consequences for which businesses should start planning today, said the National Security Agencys director of cybersecurity, Rob Joyce.

We had a lot of companies who had to had to endure hard decisions and take rapid action at the time of the invasion in February 2022, Joyce said at the Center for Strategic & International Studies this morning. Often they had people in Ukraine that were now going to be in a war zone and they had to think about getting them out. They had Russian or Ukrainian sysadmins [systems administrators], and they had to think about what privileges they wanted them to have. They had network segments in Russia or Ukraine and they had to think about whether they severed that or firewalled that. They had to think about whether they just pulled all the way out of their Russian businesses and what the implications were.

Joyce said for all that complexity, a Chinese invasion of Taiwan would even worse, considering how [much] more intertwined Taiwan is with the global economy and how much more of a cyber threat China may pose compared to Russia.

Thats a really hard problem, he emphasized, and you dont want to be starting that planning the week before an invasion when youre starting to see the White House saying its coming. You want to be doing that now and buying down your risk and making those decisions in advance and its really hard, so tabletop it and see where your pain points are.

Ukraine is a major global supplier of grain and a throughway for Russian oil and gas, which continues to flow through pipelines to Europe right across the war zone, so the war had global economic impacts, including potential famines in poor countries. Ukraine is also a significant source of cyber crime, much of it historically aligned with Russia, so conflicts between formerly friendly Russian and Ukrainian hackers have disrupted the criminal world.

But Taiwan is the global hub of semiconductor manufacturer, producing 60 percent of all chips and 90 percent of the most advanced ones, with a GDP three times larger than Ukraines. And unlike Ukraine, Taiwans an island, with no neighbors to drive or take the train to when companies need to evacuate people and assets. Any movement on or off Taiwan would have to pass through disputed waters where Chinese forces can attack, while anything leaving Ukrainian territory headed west has legal sanctuary as soon as it crosses the land border.

And China is a much bigger country than Russia, with more GDP and more technical talent to deploy. The threat of China is capacity and resources, Joyce said. Were used to kind of a narrative of this unsophisticated, loud threat and yes, there is an enormous amount of unsophisticated, loud Chinese threat. But there are also elite units that have tools and tradecraft that [are] very sophisticated. Thats the concern, [if] theyre able to scale and use that elite set of concepts and tools at a much bigger pace.

Despite the differences, Joyce said theres a lot of lessons to learn from how the Ukrainians protected themselves that apply to other scenarios, including US firms operating on Taiwan.

They were very resilient. How did they get that? They got there because they practiced for years, he said. Theyve gotten to the point where, you know, the Ukrainian sysadmins knew they had to have backups, and when they got a [data destroying] wiper virus they shrugged their shoulders, they cleaned the machine, they reloaded from backup and they moved on.

Whats more, he said, around the invasion they got an uplift from the US government providing resources, but [also] a lot of pro bono industry support, to make them much harder targets. One of the most important cyber-maneuvers: moving activity off of data centers physically on Ukrainian territory to cloud servers in the West. So instead of being on servers amidst the war zone, with a handful of Ukrainian systems administrators struggling with power outages, bombardments, and even potential takeover by Russian troops, Ukrainian networks increasingly ran off servers in sanctuary, on Western territory with vast teams of Western government and industry cyber defenders.

You now went from two people who were maintaining and operating those servers to teams of hundreds or thousands, Joyce said. Whats more, he said, those centralized Western cloud providers were easy points of contact for the NSA and other government backup support that could never have found its way to all the individual small operations previously scattered across Ukraine.

I wasnt going to find those two server admins in in Ukraine and be able to help them directly like that, he said.

See the original post here:
US tech firms should wargame response if China invades Taiwan, warns NSA cybersecurity chief - Breaking Defense

The NSA’s Brain Drain Has a Silver Lining – Defense One

For more than 60 years, the National Security Agency was the employer of choice for the countrys top cyber and tech talent. Even the Edward Snowden scandal in 2013 did little to mar the agencys ability to hire and keep talent. In 2015, then-Director Mike Rogers could rightly boast about his agencys under-2 percent voluntary attrition rate, better than its government and industry peers.

But by 2016, reports of a brain drain were emerging from the halls of Fort Meade. Competition with Big Tech for talent had intensified. Internal discontent over organizational tumult, bureaucratic inertia, and lagging innovation pushed the attrition rate past 6 percent. One cybersecurity executive was reportedly stunned by the caliber of would-be recruits leaving government service. Two years later, attrition had risen to 8 percenteven 9 percent for technical personnelin what was described as an attritional epidemic.

This year, the agency more comfortable operating in the shadows launched one of its largest hiring surges in 30 years to confront its talent shortage. The public campaign even includes job postings on LinkedIn (where most employees dont have accounts). NSA also awarded defense giant CACI International $2.4 billion to augment the ranks of NSAs analysts.

A retention problem at NSA is a prima facie cause for national-security concern. But theres a silver lining in the trends driving this exodus: they are the down payment on a stronger, more diverse, and more resilient cybersecurity ecosystem.

First, the talent exodus from NSA to the private sector reflects a development long sought by agency leaders: companies are at last ready and willing to take more responsibility for cyber defense. Those leaders have for years called upon companies to bolster their cyberdefenses and share more cybersecurity information because as much as 85 percent of critical cyber infrastructure just as important to national security is privately owned and operated, and therefore outside NSAs purview. (Amazon Web Services going down, for example, would hurt the American economy more than a temporary NSANet outage.)

Now it is happening. If cybersecurity is a team sport as current NSA Director Gen. Paul Nakasone likes to say, then the private sector has muscled its way off the bench and into the starting lineup. Recall that FireEye alerted the NSA, and not the reverse, about the 2020 Solar Winds hack, one of the most sophisticated cyber attacks ever.

Second, the movement of cyber talent between NSA and the private sector facilitates the necessary cross-pollination of knowledge, expertise, and perspective that improves collective defense. Cyber threats to the public and private sectors have converged, and hackers in Beijing and Moscow no longer reserve their most complex tools for government networks. NSAs growing cadre of cyberwarriors have a deep understanding of malign cyber actors tradecraft, tools, and capabilities, but are less knowledgeable about U.S-based activity. Private industry monitors a larger virtual attack surface area, including domestic networks, and is quicker to share information about threats, respond to incidents, and manage crises. With a healthier appreciation for each others capabilities, priorities, and ways of working, both NSA and the private sector can foster organizational trust and forge a more constructive relationship.

Third, the high demand for former NSA employees increases the agencys attractiveness as an employer. People may be more likely to apply to NSA if they believed a stint at the agency would boost their career, not sentence them to a 30-year stint in government. (Look at how students flood top consulting firms and investment banks with resumes, partly attracted by the impressive career doors that open to them when they depart.) Today, the breadth and diversity of exit opportunities for both technical and non-technical NSAers is rich. Ex-agency employees populate the threat intelligence teams at Fortune 500 companies. As startup founders, they raised over $300 million in venture capital in 2021 and more than $1 billion since 2013, according to Pitchbook data. They serve in senior White House positions.

So what should the NSA do?

First, NSA leaders must reimagine the agencys role within the broader cybersecurity ecosystem; its no longer the only game in town. One inspiration could be Unit 8200, NSAs Israeli counterpart. Most of Unit 8200s worker-bees leave the service when their conscription ends, then go on to work at, run, and start some of the worlds leading cyber companies (think Palo Alto Networks and NSO).

Second, NSA should use former employees as unofficial ambassadors for the agency and its mission to the rest of the cybersphere. They have worked on both sides of the fenceline and can build bridges between the startup world, private sector, and the powerful government science and technology workforce. They understand the agencys DNA, but have a cross-ecosystem perspective. To be sure, NSA senior leaders have made outreach to former employees a priority. Forums like an NSA Alumni Board could institutionalize alumni engagement.

The cybersecurity paradigm has changed. A Crowdstrike analysts work can inform the strategic thinking of the president of the United States. Developers at Meta disrupt Russian botnets. But neither can legally burrow into the internal networks of malign cybers actors for doctrinal insights. The talent transfer has tremendous implications, both positive and negative, for Americas cyberdefense posture. A secure future in cyberspace will emerge not from siloed and competing centers of excellence, but from the fusion of public and private sector collaboration. Its important we get it right.

Evan Rosenfield spent almost a decade in the U.S. intelligence community, serving in various operational, analytical, and policy positions in counterterrorism and cybersecurity.

Link:
The NSA's Brain Drain Has a Silver Lining - Defense One