Here is what caught our eye in the world of intelligence this week:
NSA breached North Korean networks long before the Sony attack, and its extensive access to those networks helped allow the U.S. government to determine who was responsible for that attack, according to the New York Times. This article is fascinating both because of the details in provides into NSA operations in North Korea and because these details are now showing up on the front page of a major American newspaper.
President Obama announced new legislation intended to bolster cyber security and encourage cooperation between the government and private sectors. While speaking at the National Cybersecurity and Communications Integration Center in Virginia Obama said; “Neither government nor the private sector can defend the nation alone… It’s going to have to be a shared mission.” One of the proposals the President unveiled would shield companies from liability if they shared information involving computer threats with the government. The President also hopes to toughen the penalties for cybercrimes, claiming he wants cybercriminals to “feel the full force of American justice.”
At the end of the month the White House plans to issue a series of progress updates about their efforts to reform the NSA’s mass-surveillance programs. The new report is meant to coincide with the one year anniversary of a speech Obama gave after the Snowden revelations in which he outlined “concrete and substantial reforms” intended to curb NSA powers. The White House would not comment specifically on what updates would be mentioned in the report; however, Deputy press secretary Shawn Turner said “the intelligence community has made significant progress toward our goal, toward the administration’s goal, of protecting civil liberties and privacy while making sure that the intelligence community has the tools it needs to safeguard our national security.”
The National Academy of Sciences (NAS) released a report this week about technical alternatives to bulk collection. While the report is worth reading for anyone immersed in surveillance policy discussions, its utility is limited by the narrow (almost myopic) scope of the NAS review, which limited itself to examining the technical feasibility of alternatives to bulk collection without regard to the efficacy or legal of that collection or the details of any specific bulk collection program.
House Speaker John Boehner claimed that secret government surveillance helped foil an alleged plot to attack the Capitol. Twenty year-old Christopher Cornell of Ohio was arrested earlier this week with possession of multiple weapons and hundreds of rounds of ammunition. He had expressed his allegiance to ISIL through comments made on social media sites, which drew the attention of the FBI. Check out Julian Sanchez’s rebuttal over at Just Security. Sanchez states that Boehner’s account “seems conspicuously at odds with the FBI’s own account of how alleged plotter Christopher Cornell was identified.”
The Defense Intelligence Agency announced that Maj. Gen. Vincent Stewart, formally the head of the Marine Forces’ Cyber Command, will take over as director of the DIA at the end of the month. The move gives the defense agency, which is responsible for “tracking and analyzing foreign militaries’ and terrorist groups,” a needed expertise in matters of cyber security. Stewart will also become the first Marine, and African-American to become head of the intelligence agency. James Clapper, the Director of National Intelligence, said Stewart is “exceptionally qualified,” and that his “temperament, professional background, leadership skills and integrity make him eminently suited to be the next DIA director.”
The United States and United Kingdom have agreed to participate in joint cyber exercises in order to be better prepared for the “urgent and growing” threat of cyber-attacks. During Prime Minister David Cameron’s recent trip to Washington the two nations crafted strategies that will focus on protecting the financial sector from cyber-attacks. Obama and Cameron also discussed English and American private companies and ways to make sure they are “on the same page” in terms of how to protect against hackers. Additionally, the U.S. and U.K. will combine aspects of their intelligence agencies to create a joint cyber cell which will include staff from the FBI, NSA, and MI5 to focus on “specific cyber defense topics.”