NSA Downplays Scope of Surveillance -- Redmondmag.com

The Schwartz Report

NSA Downplays Scope of Surveillance

Half a year after former National Security Agency contractor Edward Snowden started to unleash classified documents that revealed surveillance of data provided by telecommunications and key cloud and Internet companies, the NSA's top brass spoke out for the first time. But detractors, some who don't believe the NSA's claims, argue the agency has only inflamed the situation, according to those weighing in on social media, blogs and comments added to various reports.

NSA officials gave their first extensive on-the-record interview with 60 Minutes, broadcast last night (transcript), in an effort to do damage control and correct what the NSA disputes as misinformation about some of Snowden's revelations, which have resulted in deep mistrust by users and IT pros (many of you included) of the privacy and security of their data. Critics came down on CBS for having correspondent John Miller conduct the interview, who was previously an intelligence official, for throwing softballs and a lack of outside analysis to question some of the NSA's claims.

General Keith Alexander, who leads the NSA and U.S. Cyber Command, joined by other agency officials, admitted to the damage incurred from Snowden's revelations. At the same time Alexander and Rick Ledgett, who is tasked with assessing the damage, spoke out in an effort to discredit Snowden and deny some of the claims he has made

Alexander insisted the NSA isn't reading the contents of e-mail and other online communications, nor is it listening to actual phone conversations. "There's no reason that we would listen to the phone calls of Americans," he said. "There's no intelligence value in that. There's no reason that we'd want to read their e-mail. There is no intelligence value in that."

The only information in the metadata that's analyzed is phone numbers dialed, the parties on the call and the time and day, Alexander said. Only trends that give probable cause are investigated further, he said. "We don't hear the call," he emphasized. "We don't see the names. [We see] the 'to-from number, the duration of the call and the date, time..." He continued by saying the NSA only passes on the specific phone numbers of those communicating with suspicious numbers to the FBI.

But Alexander did acknowledge that the NSA collects the 300,000 phone records of all Americans. Asked why, Alexander explained: "How do you know when the bad guys, who are using the same communications that my daughters use, is in the United States trying to do something bad? The least-intrusive way of doing that is metadata."

Furthermore, Alexander argued that if the NSA had the tools to analyze metadata prior to the September 11, 2001 attacks, it may have found evidence of the planned attacks before they took place. But privacy advocates argue accessing metadata isn't as benign as it sounds and is questionable, if not illegal. Others are concerned for the potential of future abuse.

Alexander also denied that they had direct links to the datacenters of Google and Yahoo, though the question of whether they had access to Microsoft's facilities, disclosed in July, never came up.

Whether you feel CBS let NSA whitewash its surveillance activities, these first remarks by agency officials underscored the damage Snowden caused them. In fact, how much undisclosed information Snowden still has is a mystery. The New York Times reported over the weekend that it is unknown due to the fact that he hacked firewalls, accessed data with other administrators' passwords and used screen scraping tools to gather data. That makes it possible that Snowden still has information that could have devastating consequences, Alexander acknowledged.

Ledgett didn't dispute the possibility that Snowden has 1.7 million documents in hand. If Snowden were to release that information publicly or give it to a foreign government, "it would give them a roadmap of what we know, what we don't know,and give them implicitly a way to protect their information from the U.S. intelligence community's view," Ledgett told Miller.

That notion has led to a debate as to whether the U.S. should give Snowden immunity from prosecution in exchange for returning home to answer questions. Ledgett believes "it's worth having a conversation about," with assurances that all data are secured, while Alexander is against that. "I think people have to be held accountable for their actions because what we don't want is for the next people to do the same thing," Alexander said.

Joined by other NSA officials, the agency also described what it is doing to avoid cyber attacks by foreign nations, which it says could do major damage include bringing down the nation's power grid and financial system. During the broadcast, the NSA revealed it foiled a plot to unleash a virus that would render PCs to a "brick." The attack, which is said to have emanated from China, would have come in the form of an e-mail notifying users of an important software update, the NSA revealed. Some of its 3,000 cyber analysts tasked with foreseeing such activity caught it before it could do any damage.

It's unfortunate 60 Minutes didn't let critics weigh in in its report but not surprising, given it let Amazon.com CEO Jeff Bezos show, on the eve of "cyber Monday," a video simulation of drones that he said will someday deliver packages to customers' doorsteps. On the other hand, last night's broadcast did showcase the agency's thousands of highly skilled engineers and offered a glimpse of the NSA, albeit cleansed, while keeping an important discussion in the spotlight.

As we close the books on 2013, Snowden's leaks were one of the top IT stories of the year and epitomized the power of a rogue systems administrator. Whether or not you see Snowden as a hero or a traitor, his revelations have forced IT and business decision makers to rethink how they encrypt their data. That will be a key issue in the coming year.

Posted by Jeffrey Schwartz on 12/16/2013 at 1:21 PM

Featured

Cisco Warns of Brute Force Attacks Targeting VPNs and Firewalls

Cisco has revealed that a global increase in brute force attacks targeting Virtual Private Networks (VPNs) and other devices is currently taking place.
What's Inside Microsoft 365's Security Toolbox?

Microsoft provides plenty of native tools to secure Microsoft 365. IT pros just have to know where to look.
Microsoft Kills 30-Day Data Retention Policy for Copilot in Fabric

Microsoft this week announced several usability improvements coming to Copilot in Fabric in preparation of its general availability release later this year.
Using Microsoft Office to Build a Network Diagram 2

Now that we've set up our process, let's dig in with the actual execution.
Microsoft Graph 'Activity Logs' Feature Goes Live

Microsoft announced the general availability of the "activity logs" capability in Microsoft Graph, giving administrators more options to track user activity and identify patterns of potential misuse.