National Security Agency

NSA launches new cybersecurity directorate to ‘prevent and eradicate threats to national security systems and critical infrastructure’

The National Security Agency announced the creation of a new fifth domain-focused internal organization that will “work to prevent and eradicate threats to national security systems and critical infrastructure, with an initial focus on the defense industrial base and the improvement of our weapons’ security.”

From the announcement:

The Cybersecurity Directorate will reinvigorate NSA’s white hat mission by sharing critical threat information and collaborating with partners and customers to better equip them to defend against malicious cyber activity. The new directorate will also better position NSA to operationalize its threat intelligence, vulnerability assessments, and cyberdefense expertise by integrating these efforts to deliver prioritized outcomes.

Related, the NSA General Counsel Glenn Gerstell wrote an extensive editorial for The New York Times calling for a more proactive approach to cyber resilience and a concerted, proactive effort supporting the agency’s online security efforts. Gerstell outlines four areas where policymakers must take note of.

The first is that the unprecedented scale and pace of technological change will outstrip our ability to effectively adapt to it. Second, we will be in a world of ceaseless and pervasive cyberinsecurity and cyberconflict against nation-states, businesses and individuals. Third, the flood of data about human and machine activity will put such extraordinary economic and political power in the hands of the private sector that it will transform the fundamental relationship, at least in the Western world, between government and the private sector. Finally, and perhaps most ominously, the digital revolution has the potential for a pernicious effect on the very legitimacy and thus stability of our governmental and societal structures.

Video:

Learn more at nsa.gov/cybersecurity.

NSA challenges students to test their cyber skills in mock national security exercise

Codebreaker

The National Security Agency will host a “cyber-challenge similar to those that regularly threaten national security,” open to students at any U.S. based academic institution. The exercise will run from September 20, 2019 to January 10, 2020.

From NSA:

The annual Codebreaker Challenge offers students a closer look at the type of work done at NSA and provides the opportunity to develop skills needed to achieve the Agency’s national security mission. The problems touch on skills like software reverse engineering, cryptanalysis, exploit development, block chain analysis and more.

This year’s challenge scenario is about tech savvy terrorists who have developed a new suite of communication tools that are being used for attack planning purposes. Intelligence suggests the terrorists are communicating via TerrorTime, a custom Android secure messaging app. Those who attempt the challenge will be required to reverse engineer and develop new exploitation capabilities against TerrorTime to enable message spoofing, user masquerades, and message decryption.

Release: NSA Launches Latest Codebreaker Challenge