NSAs cyber directorate marks a year in operation – Federal News Network
Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drives daily audio interviews onApple PodcastsorPodcastOne.
Few agencies are more concerned with cybersecurity than the National Security Agency. One might say NSA has cyber in its DNA. Recently the agencys cybersecurity directorate marked a full year of operations. For details on what its managed to get done, deputy director Dave Luber spoke to Federal Drive with Tom Temin.
Tom Temin: Mr. Luber, good to have you on.
Dave Luber: Tom, great to be here today.
Tom Temin: So first of all tell us roughly in general terms what the Cybersecurity Directorate does for NSA, and I guess youve got a kind of a government wide mission also.
Dave Luber: Well, thanks Tom. Cybersecurity Directorate was formed in 2019, and was created to integrate NSA cybersecurity mission to prevent and eradicate threats to our nations most sensitive systems and critical infrastructure. The Cybersecurity Directorate integrates NSA threat intelligence, vulnerability analysis, cryptographic knowledge, defensive operations and diverse technical expertise. Our cybersecurity year end review goes into more detail to this work we did towards the mission in 2020. And thats the first year of our full year as a Cybersecurity Directorate.
Tom Temin: Alright. And how many people are involved? Give us a sense of the scope of the activity here. And by the way, are you headquartered at the main NSA location?
Dave Luber: We are headquartered at the NSA main location in Fort Meade. And we have a vast number of folks that are part of our team, and just a great group of folks and professionals.
Tom Temin: And before we get into some of the specific accomplishments listed in the annual report, I just wanted to ask you, you think of the Cybersecurity and Infrastructure Security Agency at Homeland Security, CISA, as being in a similar type of activity. Do you to talk to one another and is there some sort of collaboration or cooperation there?
Dave Luber: Absolutely, in fact, CISAs one of our prime partners, but not the only partner that we have across the US government. And Ill get into a little bit more of that when I talk about some of the activities that weve engaged on collectively together.
Tom Temin: Well, lets get into that annual report thats online. And what do you consider some of the top highlights?
Dave Luber: Well, first off, the top highlights, the Cybersecurity Year in Review was really created to demonstrate the returns on investment that NSA made in the cybersecurity area and for the stakeholders and the American taxpayers. Really, the document is a testament to the skills and resiliency of the NSA people, and the partners across the public and private sectors who worked together throughout the year to protect the US in cyberspace. The Year in Review, we really created this to highlight and an unclassified way the accomplishments that were driven by our tremendous workforce and the partners, and to even provide greater transparency to the audiences as we lean forward in this first year. And Id be happy to go into some additional details on some of the things that we worked in that report.
Tom Temin: Well, you mentioned that there were 30 actionable cybersecurity products. And tell us more about those these are things that you coded or programmed? You tell me.
Dave Luber: Really, when I talk about the cybersecurity advisories and products, what Im really talking about is security guidance, or assessments that weve put together to help our customers in the national security system, national security systems owners, the Department of Defense, the defense industrial base, and many others within government, understand how to configure their systems and understand also the threats that they may see from cyber actors. So whether thats making sure that we protect our nations vital vaccine and make sure the networks are protected from actors who may try and target vaccine makers, or when we talk about nation states that may want to use public vulnerabilities to gain access to your networks.
Tom Temin: Got it. And heres where maybe the collaboration with CISA would come in, and also maybe the National Institute of Standards and Technologies. They have advisories and guidance and so forth, yours seems to be maybe more oriented toward the intelligence community and DoD, the classified end.
Dave Luber: Both national security systems owners, yes, on the classified end, but also the unclassified end. So just to give you an example, one of the efforts that we put together in one of our products, we issued this jointly between NSA, CISA and partners in the UK and Canada to warn against a particular advanced persistent threat targeting organizations engaged in COVID-19 vaccine research in the US and the UK and Canada. So that joint advisory provided really important indicators of compromise and detection techniques, and actionable mitigations. And as you might imagine, those sorts of advisories then help those in the vaccine process and developing the vaccine to really go and look at their networks, examine those networks and put mitigations in place.
Tom Temin: Theres one highlight thats really interesting and that is you supported the DoDs transition to telework and releasing written products and providing commercial solutions for classified capability packages. And this applies to 100,000 people. Tell us more about that one.
Dave Luber: Sure, absolutely. And COVID-19 really made us rethink how we work across government. And just like the rest of the the United States, the US government started transitioning many of their employees to working from home. So our experts in the cybersecurity mission rose to the occasion really to support the DoD into the transition of telework, but also enabling more than 100,000 users to telework securely. And as you might imagine, that included everything from releasing the best practices and products to use in a telework environment, as well as how to identify and mitigate compromises to personal home networks as more users begin to use those as part of their official business.
Tom Temin: Yes, because thats a mode of work thats likely to continue at a high level for some time, maybe even after the pandemic.
Dave Luber: Absolutely. So this work continues and we are constantly engaging with many partners across the DoD and other national security systems owners to further refine that guidance and provide additional insights as we learn more about the best ways to operate securely in a telework environment.
Tom Temin: And getting back to the operation warp speed, which you supported again with advisories and so forth, and what to watch out for, did you detect any particular heightened activity other than what goes on normally out there in the wild directed toward that research and toward those companies?
Dave Luber: As I mentioned, NSA provides threat intelligence and cybersecurity advisements. And if we start to see demonstrated activity where advanced persistent threats are targeting organizations, especially those that are important to our national security, such as the vaccine research that was going on, were absolutely going to get those advisories out and get that information out to those so they can protect their networks. Operation Warp Speed is really a whole government effort led by the Department of Defense and Health and Human Services. We wanted to make sure that that team was poised and charged to produce and deliver safe and effective COVID vaccine capabilities.
Tom Temin: So now all you have to do is get it made and distributed and the country will be better off. And let me ask you this, what are you looking for in 2021 and beyond? You helped secure an election, thats over with, and Operation Warp Speed is mostly done because there is a vaccine. So what comes up next?
Dave Luber: Certainly when you think about what comes up next, we have been working, as you might know, on a number of different activities going on. Our cybersecurity advisories continue to be a very important part of our future and making sure that we can get those insights out to our customers, and to make sure that they have the best guidance possible to secure their networks against very advanced cyber threats.
Tom Temin: Because a lot of agencies including DoD and their statutory requirements to get after security of the supply chain, and then the SolarWinds issue hit which was a supply chain breach, so is supply chain part of what youre looking at in depth coming up?
Dave Luber: Absolutely. This was a cyber espionage operation which was executed at scale and speed with very nuanced tactics and techniques and procedures. The actor targeted private sector technology providers who both serve the government and corporate clients and used that access to gain a foothold into their victims. And then they carefully picked specific victims of interest. So due to the nature of the foreign intelligence and cybersecurity mission, we are out there providing support to both US government entities that have been affected by this activity.
Tom Temin: And one more question, at the website there is a illustration It looks like a wall chart of the 2020 accomplishments. And it says can you find the hidden message in this graphic, but its very tiny on a web browser. And no matter what I did, I couldnt get that to enlarge. So how do people get to that wall chart so that they can solve the hidden message in the graphic?
Dave Luber: I believe our wall chart is available on nsa.gov.
Tom Temin: Alright, and someone could download and print it and stick it up and figure it out?
Dave Luber: Thats correct.
Tom Temin: Dave Luber is Deputy Director of the Cybersecurity Directorate at the National Security Agency. Thanks so much for joining me.
Dave Luber: Thank you.
View original post here:
NSAs cyber directorate marks a year in operation - Federal News Network
- CISA, NSA, and Partners Issue Annual Report on Top Exploited Vulnerabilities - HSToday - December 5th, 2024 [December 5th, 2024]
- Where Will The Top Amateurs at NSA Yamaha Land After the Team Closes? - Vurbmoto - December 5th, 2024 [December 5th, 2024]
- CISA, NSA, FBI and International Partners Publish Guide for Protecting Communications Infrastructure - HSToday - December 5th, 2024 [December 5th, 2024]
- Main players backing Syrian government have been weakened by other conflicts, NSA Sullivan says - NBC News - December 5th, 2024 [December 5th, 2024]
- Trump's incoming NSA Mike Waltz wants US to dance cheek-to-check with India - The Times of India - November 14th, 2024 [November 14th, 2024]
- What Trump's NSA Nominee Said On India's Pivotal Role In The 21st Century - NDTV - November 14th, 2024 [November 14th, 2024]
- Exclusive: Nakasone on exploding pagers, life after the NSA and another possible government job - The Record from Recorded Future News - November 14th, 2024 [November 14th, 2024]
- FBI, CISA, and NSA reveal most exploited vulnerabilities of 2023 - BleepingComputer - November 14th, 2024 [November 14th, 2024]
- CISA, NSA, and Partners Issue Annual Report on Top Exploited Vulnerabilities - National Security Agency - November 14th, 2024 [November 14th, 2024]
- 6 Principles of Operational Technology Cybersecurity released by joint NSA initiative - Security Intelligence - November 14th, 2024 [November 14th, 2024]
- It's official FBI, CISA, and NSA reveal the most exploited vulnerabilities of 2023 - TechRadar - November 14th, 2024 [November 14th, 2024]
- Donald Trump picks Mike Waltz as US NSA: What it means for China and India - The Times of India - November 14th, 2024 [November 14th, 2024]
- Who is Mike Waltz, Donald Trump's new NSA pick? What are his ties to India Caucus? - Firstpost - November 14th, 2024 [November 14th, 2024]
- NSA should not oversee the management of national facilities RexDanquah - Citi Sports Online - November 14th, 2024 [November 14th, 2024]
- Trudeaus NSA admits to leaking secret intel alleging Indias interference to Washington Post - Firstpost - October 31st, 2024 [October 31st, 2024]
- White House dials NSA Ajit Doval: Here's what happened in the call - The Economic Times - October 31st, 2024 [October 31st, 2024]
- NSA Doval Stresses Need For Stable Indo-Pacific In Phone Call With US Counterpart Sullivan - News18 - October 31st, 2024 [October 31st, 2024]
- Director-General of NSA calls for continued support from government - GhanaWeb - October 21st, 2024 [October 21st, 2024]
- 5G Non Standalone Nsa Architecture Market to Reach USD 240.0 - openPR - October 21st, 2024 [October 21st, 2024]
- NSA meets with Minister Muir and DAERA to discuss industry concerns - Meat Management - October 21st, 2024 [October 21st, 2024]
- NSA cyber chief: Espionage is now Russias focus for cyberattacks on Ukraine - The Record from Recorded Future News - October 11th, 2024 [October 11th, 2024]
- NSA Investigating If Chinese Hackers Breached US Telecoms - Yahoo Finance - October 11th, 2024 [October 11th, 2024]
- NSA Issues Updated Guidance on Russian SVR Cyber Operations - National Security Agency - October 11th, 2024 [October 11th, 2024]
- News - Honoring the Stars and Stripes: NSA Philadelphia Hosts Dignified Flag Disposal Ceremony - DVIDS - October 11th, 2024 [October 11th, 2024]
- NSA's Program for Nursing Mothers in the Workplace Considered a Model for USG - National Security Agency - October 11th, 2024 [October 11th, 2024]
- NSA investigating hack of three major telecommunications companies - Baltimore Sun - October 11th, 2024 [October 11th, 2024]
- Honoring the Stars and Stripes: NSA Philadelphia Hosts Dignified Flag Disposal Ceremony [Image 8 of 8] - DVIDS - October 11th, 2024 [October 11th, 2024]
- NSA Hiring Over a Thousand in the Next Year - ClearanceJobs - October 4th, 2024 [October 4th, 2024]
- What Its Really Like to Work at NSA - National Security Agency - October 4th, 2024 [October 4th, 2024]
- US Elections: Former NSA John Bolton Claims Both Harris And Trump Do Not Qualify To Be President | NewsX Exclusive - NewsX - October 4th, 2024 [October 4th, 2024]
- Honoring the fallen: Bells toll for Americas heroes at NSA Mechanicsburg - American Military News - October 4th, 2024 [October 4th, 2024]
- How often should you turn off your phone? Heres what the NSA says - PCWorld - October 4th, 2024 [October 4th, 2024]
- NSA and Allies Issue Advisory about PRC-Linked Actors and Botnet Operations - HSToday - September 28th, 2024 [September 28th, 2024]
- NSA warns that Active Directory is an "exceptionally large and difficult to defend" attack surface - The Stack - September 28th, 2024 [September 28th, 2024]
- News - Honoring the Fallen: Bells Toll for Americas Heroes at NSA Mechanicsburg - DVIDS - September 28th, 2024 [September 28th, 2024]
- National Storage Affiliates Trust (NYSE:NSA) Given Average Recommendation of "Reduce" by Brokerages - MarketBeat - September 28th, 2024 [September 28th, 2024]
- Lack of Standard Stadiums: NSA boss sacked, facilities closed - What has been said and done so far - GhanaWeb - September 21st, 2024 [September 21st, 2024]
- NSA and Allies Issue Advisory about PRC-Linked Actors and Botnet Operations - National Security Agency - September 21st, 2024 [September 21st, 2024]
- UTEP Establishes Collaboration with DoD, NSA to Help Enhance U.S. Semiconductor Workforce - The University of Texas at El Paso - September 21st, 2024 [September 21st, 2024]
- The NSA advises you to turn off your phone once a week - here's why - ZDNet - September 21st, 2024 [September 21st, 2024]
- NSA Publishes Cyber Advisory on China-Linked Threat Actors - Executive Gov - September 21st, 2024 [September 21st, 2024]
- Former NSA Director Nakasone opens new institute at Vanderbilt to train right type of leader - Washington Times - September 21st, 2024 [September 21st, 2024]
- ACR lauds legislation that would fine insurers for delayed NSA payments - AuntMinnie - September 16th, 2024 [September 16th, 2024]
- NSA threatens lawsuit over election rigging allegation, demands apology - Pulse Nigeria - September 16th, 2024 [September 16th, 2024]
- NSA explains its work with private sector on election security and fighting foreign cyber threats - Washington Times - September 16th, 2024 [September 16th, 2024]
- NSA to debut podcast to boost public awareness of classified missions - Nextgov/FCW - August 31st, 2024 [August 31st, 2024]
- In Beijing, Bidens NSA Calls Out Chinas Destablising Actions, Openly Supports Philippines - Hindustan Times - August 31st, 2024 [August 31st, 2024]
- Why the NSA advises you to turn off your phone once a week - ZDNet - August 31st, 2024 [August 31st, 2024]
- Getting into rhythm: NSA places high expectations on themselves for 2024 - Suffolk News-Herald - August 31st, 2024 [August 31st, 2024]
- NSA readying podcast to share untold stories of codebreakers missions - Washington Times - August 31st, 2024 [August 31st, 2024]
- Trump govt stopped aid to Pakistan over ISI's 'undeniable complicity' with terrorists: Ex-US NSA - Hindustan Times - August 31st, 2024 [August 31st, 2024]
- Top NSA researcher tapped to lead Pentagons UAP investigation hub - DefenseScoop - August 27th, 2024 [August 27th, 2024]
- NSA Releases Guide to Combat Living Off the Land Attacks - Infosecurity Magazine - August 27th, 2024 [August 27th, 2024]
- With a little help from the National Archives, NSA finally releases Grace Hopper lecture. Watch it here. - MuckRock - August 27th, 2024 [August 27th, 2024]
- Trump administration NSA H.R. McMaster says there was "inconsistency" in foreign policy - CBS News - August 25th, 2024 [August 25th, 2024]
- 'Putin exploited Trump's ego and insecurities': Former NSA in new book - The Times of India - August 25th, 2024 [August 25th, 2024]
- NSA calls for urgent Government action on illegal sheep imports - Meat Management - August 14th, 2024 [August 14th, 2024]
- Sheikh Hasina Resignation LIVE Updates: Ex Bangladesh PM Sheikh Hasina Meets NSA Ajit Doval At Hindon Airbase - NDTV - August 5th, 2024 [August 5th, 2024]
- NSA Claims It Cant Watch an Important Tape It Recorded in the 1980s - Gizmodo - July 17th, 2024 [July 17th, 2024]
- Letter to NSA Sullivan Requesting Assessment of Information Russia Has Shared with the PRC on U.S. Weapons Capabilities in Ukraine - Select Committee... - July 17th, 2024 [July 17th, 2024]
- The NSA Is Defeated By A 1950s Tape Recorder. Can You Help Them? - Hackaday - July 17th, 2024 [July 17th, 2024]
- Letter to NSA on Microsoft's Billion Dollar Partnership with UAE Firm G42 - Select Committee on the CCP | - July 17th, 2024 [July 17th, 2024]
- NSA Fast Pitch World Series kicks off with Skills Competition & Heavy Hitters Camp, featuring College World Series Champions from the University... - July 17th, 2024 [July 17th, 2024]
- NSA contractor bilked government for hundreds of hours she never worked - Washington Times - July 6th, 2024 [July 6th, 2024]
- Signals intelligence has become a cyber-activity - The Economist - July 6th, 2024 [July 6th, 2024]
- OpenAI adds former NSA chief to its board - CNBC - June 15th, 2024 [June 15th, 2024]
- Former head of NSA joins OpenAI board - The Verge - June 15th, 2024 [June 15th, 2024]
- Former NSA Head Joins OpenAI Board and Safety Committee - RetailWire - June 15th, 2024 [June 15th, 2024]
- Former NSA head joins OpenAI board and safety committee - TechCrunch - June 15th, 2024 [June 15th, 2024]
- OpenAI Appoints Cybersecurity Expert And Retired US Army Genera With NSA Pedigree To Board, Enhancing AI ... - Benzinga - June 15th, 2024 [June 15th, 2024]
- Former NSA head Paul Nakasone to helm national security institute at Vanderbilt - The Record from Recorded Future News - May 15th, 2024 [May 15th, 2024]
- US is still chasing down pieces of Chinese hacking operation, NSA official says - The Record from Recorded Future News - March 18th, 2024 [March 18th, 2024]
- 6 CISO Takeaways from the NSA's Zero-Trust Guidance - Dark Reading - March 18th, 2024 [March 18th, 2024]
- St. John's M.S. in Cyber and Information Security Earns Key NSA Validation - St John's University News - March 18th, 2024 [March 18th, 2024]
- Senate votes to confirm Lt. Gen. Timothy Haugh to lead CYBERCOM and NSA/CSS - United States Cyber Command - December 23rd, 2023 [December 23rd, 2023]
- NSA Highlights AI, Partnerships in 2023 Cyber Review - MeriTalk - December 23rd, 2023 [December 23rd, 2023]
- NSA Publishes 2023 Cybersecurity Year in Review - National Security Agency - December 23rd, 2023 [December 23rd, 2023]
- Senate votes to confirm Lt. Gen. Timothy Haugh to lead CYBERCOM and NSA/CSS - National Security Agency - December 23rd, 2023 [December 23rd, 2023]
- NSA Reiterates Achievements in AI & Defense Against Russia, China in 2023 Cybersecurity Review - Executive Gov - December 23rd, 2023 [December 23rd, 2023]
- NSA appoints new Cyber Command head | SC Media - SC Media - December 23rd, 2023 [December 23rd, 2023]