WASHINGTON– While Congress and the technology community are still debating and discussing the intelligence gathering capabilities of NSA revealed in recent months, the agency’s director, Gen. Keith Alexander, is not just defending the use of these existing tools, but is pitching the idea of sharing some of the vast amounts of threat and vulnerability data the NSA and other agencies possess with organizations in the private sector. Speaking at a time of great scrutiny of the agency and its activities, Alexander said that the NSA, along with other federal agencies such as the FBI, Department of Homeland Security and CIA, need to find a way to share the attack and vulnerability information they collect in order to help key private organizations react to emerging threats. Though the idea is still in its formative stages, Alexander said that it potentially could include companies in foreign countries, as well. “We need the authority for us to share with them and them to share with us. But because some of that information is classified, we need a way to protect it,” Alexander said during a keynote speech at the Billington Cybersecurity Summit here Wednesday. “Right now, we can’t see what’s happening in real time. We’ve got to share it with them, and potentially with other countries.” In order to accomplish this real-time information sharing–something that security experts in the government and private sector have been discussing for years–Alexander said legislation is needed to lay out the parameters of the program, what can be shared and how it can be done. Pointing to the spate of DDoS and targeted attacks that have plagues banks in the United States in the last year or so, Alexander said that responding to such large-scale attacks requires “shared situational awareness” to enable the targets and agencies such as NSA and the FBI to share data as the attacks unfold. “The answer is that nobody sees it today. We don’t have that shared situational awareness we need,” he said. “So we’re developing a common operational picture. If we can’t see it, we can’t respond to it. We have to do that at network speed. We have to share what we know about those threats and they have to tell us what they see. This is where Internet service providers are critical, not just here but with our allies.” The fragmentation of cyber threat intelligence inside the government has been an issue for as long as there have been threats. Several agencies now gather huge amounts of threat data, including the NSA, CIA, DHS and military branches. While they may share that data among themselves, little if any of it finds its way into the private sector. Classification rules and other hurdles stand in the way of sharing much of this data, and Alexander said some way must be found to remedy that problem. “We have to work with industry, because we can’t see it. Right now what happens is the attack goes on and we’re brought in after the fact. And I can guarantee you 100 percent of the time we cannot stop an attack after the fact,” Alexander said. “That legislation that we’re pushing for is absolutely important for our country.” Speaking to a crowd of mainly industry and government workers, Alexander appealed to them to help support the information sharing concept and any legislation that may be required to implement it. “We need industry to work with us on cyber legislation,” he said. Alexander added that the NSA has capabilities that other agencies and private organizations don’t that could be of use in ongoing attacks. “We don’t want NSA or Cyber Command doing something irresponsible, but we don’t want to be watching while Wall Street is taken down,” he said.
Google is working on a new system that enables the company to collect randomized information
The Lollipop version of Android enhances its use of SE Linux, bringing application enforcement to the kernel level, and turns on device encryption by default.
The maintainers of the Drupal content management system are warning users that any site owners who haven’t patched a critical vulnerability in Drupal Core disclosed earlier this month should consider their sites to be compromised.