Slashdot Mirror

← Back to Stories (view on slashdot.org)

NSA Tasked With 'Policing' Government Networks

Posted by Zonk on from the grid-overwatch-division dept.

Novus Ordo Seclorum writes "The NSA has a new assignment. No longer merely responsible for signals intelligence, the NSA now has the task of defending against cyber attacks on government and private networks. 'The plan calls for the NSA to work with the Department of Homeland Security and other federal agencies to monitor such networks to prevent unauthorized intrusion, according to those with knowledge of what is known internally as the 'Cyber Initiative.' Details of the project are highly classified. Director of National Intelligence Mike McConnell, a former NSA chief, is coordinating the initiative. It will be run by the Department of Homeland Security, which has primary responsibility for protecting domestic infrastructure, including the Internet, current and former officials said. At the outset, up to 2,000 people -- from the Department of Homeland Security, the NSA and other agencies -- could be assigned to the initiative, said a senior intelligence official who spoke on condition of anonymity.'"

18 of 93 comments (clear)

  1. Government Networks by mastershake_phd · · Score: 3, Insightful

    I would hope important government networks would not be on their own network and thus not susceptible to "cyber" attacks.

    --
    Libertarian Leaning Political Discussion Forum.
    1. Re:Government Networks by Walt+Dismal · · Score: 4, Funny

      I'm sure they will be just as competent as the TSA. Every packet will be strip-searched, cavity-probed, and required to drink its own breast milk. All packets will have to take their shoes off. And all packets named Ted Kennedy will be put on a "No Fly" - oops I mean "No Route" - list. All in the name of protecting the purity of your ones and zeros. We don't want any Muslim data sullying our clean Baptist data bits.

    2. Re:Government Networks by blueg3 · · Score: 2, Informative

      The important government networks are on their own network, though there's some evidence that there are a few improper bridges between the two networks. The NSA has, in the past, been tasked with guarding these private networks.

      This new program is tasking the NSA to also guard important public networks.

      My suspicion is that this is providing funding and regulations for a task the NSA was already falling into doing. There have been some rumors going around about the NSA dropping support for SELinux because they do the bulk of the work, but that's not really their job.

    3. Re:Government Networks by Martin+Blank · · Score: 2, Informative

      Actually, there's a good chance that you will. I suspect that we'll see a resurgence of the NSA Security Configuration Guides (which already have seen a little bit of a spike in the last couple of months) as this spreads out, including information on how to pick firewalls and IDS, additional information about securing a DMZ and even when to use them, and further recommendations on how to lock down clients. Microsoft has picked up some of the heavy lifting when it comes to the major portions, as its security guides for Windows 2003 and Vista are considered acceptable to the NSA, and the follow-up for Windows 2008 will probably be similarly considered good enough. But there are still topics that are not dealt with as well (or at least as concisely) by other vendors, and as such, the NSA will probably help to pick up the slack.

      If nothing else, the documents provide valuable positive public relations, and (all pseudo-conspiratorial snickering aside) are widely considered to be very well-written documents that can and often do serve as the security base for many network environments.

      --
      You can never go home again... but I guess you can shop there.
  2. DHS,FBI,NSA... by timmarhy · · Score: 3, Insightful
    How many freaking police departments does america need? all 3 of them seem to be falling over each other in one big orgy of mission statments and juristiction battles.

    not to mention the litteny of local and state police departments.

    --
    If you mod me down, I will become more powerful than you can imagine....
  3. Depends on what you mean by Sycraft-fu · · Score: 5, Informative

    The FBI is the only police department, at least at this point. The FBI is the federal government's police. Most policing is done at the city or county level, some at the state level. However for crimes that span states, crimes on federal land/property, crimes against the federal government and so on there is the federal police, the FBI. The NSA and CIA are not police agencies, they are spy agencies. The CIA is human intelligence, the NSA is signals intelligence. What that means is the CIA is all about getting information from people, be it by attempting to place spys or turning other agents or whatever. The NSA is all about getting information electronically, by wiretapping, listening in on radio waves, and so on.

    The reason to have these separate is in part because it is very different kind of jobs, but also to try and prevent abuses. In theory (though we've seen that it isn't obeyed) the CIA and NSA don't do domestic operations. They are for spying on foreign powers, not US citizens. By maintaining an organizational divide it helps keep abuses down.

    The DHS is a good idea at the high levels in an amazingly fucked up and retarded implementation. The idea is that the NSA and CIA often know things that the FBI doesn't, and vice versa. This is not to mention other intelligence agencies and so on. So often, everyone has a piece of the picture, but nobody can see the whole thing. This was the case with the time leading up to 9/11. Various groups knew pieces, but nothing solid. So the idea is DHS helps get the information collected and formed in to a solid picture. They get facts from all groups, NSA, CIA, FBI, customs, state and local cops and so on, and to then be able to coordinate action.

    In reality they are a big waste of time and money that does nothing useful.

    But really we want intelligence and police to be separate and we also want the police broken down in terms of power. Having one big federal police force would be problematic. At least with local policing voters can, in theory, hold their police more accountable. They have a say in how local issues are handled. Also, laws differ from state to state. What is true in one state is not true in all of them. Law enforcement needs to be segmented to take that in to account.

    As a comparison look to Europe. There you are talking about an area of similar size and population (similar as in the same basic level, not as in equality). While there are European wide things like Interpol, each nation has it's own police, and often subdivisions below that. Also those police forces are usually separate from intelligence forces.

    The US really isn't different in that regard, it is just a very large nation. A great many nations are smaller than a number of US states.

    1. Re:Depends on what you mean by CRCulver · · Score: 5, Informative

      The CIA is human intelligence, the NSA is signals intelligence.

      The NSA also has the task of assisting American businesses in avoiding economic espionage. They publish specifications such as TEMPEST shielding and red-black separation which are distributed to (worthy) members of the civilian community. Though the NSA often has the reputation of being the most secret of all federal agencies, they are remarkably open in some aspects. See James Bamford's Body of Secrets for a good view of how the NSA changed a great deal in the aftermath of the Cold War.

    2. Re:Depends on what you mean by vtcodger · · Score: 2, Interesting
      ***The FBI is the only police department, at least at this point.***

      Except of course when the ATF (Treasury Department), Secret Service(DHS), DEA (Justice Department), etc, etc, etc is the federal police department.

      ***What that means is the CIA is all about getting information from people, be it by attempting to place spys or turning other agents or whatever***

      Not really. That's part of their job, but mostly they are supposed to integrate public information (e.g what they read in foreign newspapers and hear on local broadcasts overseas) with information from the other two dozen intelligence agencies into a single, coherent whole.

      ***The DHS is a good idea at the high levels***

      You're certainly entitled to have an opinion on that. But I have my own which is that it is an absolutely terrible idea. It's goal inevitably will be to restrict freedoms (including some purportedly guaranteed in the constitution). It will, I predict, be totally ineffective in making the homeland more secure. Who is going to protect us from the DHS? (Quis custodiet ...)

      I don't have any problem with NSA and the intelligence agencies although there are way too many of them. If you ask me, we need more intelligence analysts and fewer unworkable anti-ballistic missile systems.

      But I have little use for a central police department. The Secret Service has a relatively decent record (They do counterfitting as well as protection), and ought the be retained. The FBI doesn't have that good a record. Neither does the ATF. The DEA is worse (we lost the war on drugs decades ago. We should find an enemy and surrender). And the DHS is a disaster. We should take a decade and rebuild this mess from scratch. I won't be terribly troubled if we lose 80% of it in the makeover..

      --
      You can't see ANYTHING from a car, You've got to get out of the goddamned contraption and walk...Edward Abbey
    3. Re:Depends on what you mean by ScrewMaster · · Score: 2, Insightful

      That's the problem with doing intelligence stuff --- not much glory.

      Kinda like the average network administrator.

      --
      The higher the technology, the sharper that two-edged sword.
  4. NSA hardened Linux... by Joce640k · · Score: 2, Informative

    The NSA has their own Linux distro, specially hardened for security.

    Let's hope they start deploying it more widely... :-)

    --
    No sig today...
    1. Re:NSA hardened Linux... by Wyzard · · Score: 3, Insightful

      SELinux is not a distribution, it's a security module in the kernel. These days it's part of the standard kernel.org tree, and some distributions (such as Fedora/RHEL) enable it by default.

    2. Re:NSA hardened Linux... by crmartin · · Score: 2, Interesting

      Well, no. At first, SELinux was a full disty because you needed kernel hacks. Now, the kernel hacksfeatures are in the standard kernel, but you still need additional userland components to use them.

      Or, better yet, you can get Solaris 10, add in Trusted Extensions, and get all the power of SELinux and a multilevel X server, with Common Criteria and FIPS certifications.

  5. Setec Astronomy by Wowsers · · Score: 2, Funny

    ... Details of the project are highly classified. But not secret enough to issue a press release about it?
    --
    Take Nobody's Word For It.
  6. Re:Which is worse? by JamesRose · · Score: 2, Interesting

    I live in england, my school monitors my internet use, has over 30 surveillance cameras, including in our study area, has finger print activated doors and has my finger prints on file.

    America's got nothing on us, don't worry, I'm leaving my school ASAP, insisting they delete all the information and if they don't provide me with satisfactory use they have I'll sue them.

  7. How this Will Be Implemented by Jah-Wren+Ryel · · Score: 2, Funny

    2008 PRNewsWire - Today Symantec and the NSA announce a merger. The NSA will become a wholly owned subsidiary of Symantec Corp. In exchange, Symantec will issue 100,000 shares of common stock to each member of Congress.

    Coming soon to a network near you - NortonNSA!

    --
    When information is power, privacy is freedom.
  8. Is this really news? by Anonymous Coward · · Score: 2, Informative

    I know NSA is the bad guy of the week, but this doesn't really sound like a "new responsibility" to me. NSA has, almost from the beginning, been composed of the Signals Intelligence and the Information Assurance Directorate, which does exactly what this article is talking about, and has for quite some time now.

  9. This might actually work. by Animats · · Score: 4, Insightful

    This actually makes some sense. NSA has two main divisions - Signals Intelligence, which collects information, and Information Assurance, which tries to protect US information. Traditionally, these were the codebreaking and codemaking sides of the agency.

    It's a boost for NSA Secure Linux. The real intent of NSA Secure Linux, by the way, was not to plug holes in Linux. It was to get something that enforced mandatory security out into the community, so that that applications would be converted to run under stricter rules. For example, a browser should be running as several components, some of which are secure but dumb and some of which are insecure but untrusted. Few application developers picked up on this. That part didn't get enough community attention.

    NSA takes a quite different view of computer security than the "security industry". They're less concerned about annoying high volume attacks, and more concerned about quiet, focused attacks aimed at specific targets. They're also very interested in who's behind the attack, and will devote collection resources to finding out more about the attackers.

    This last may give some attackers something to worry about.

  10. Re:Bound to make the next issue of the 360is quart by crmartin · · Score: 2, Insightful

    Can we say "traffic whoring", children? I knew we could.