Expected Next Defense Department Boss Claims Snowden Leak A 'Huge Detriment' To US, Willing To Give Cybersecurity To FBI

from the of-course dept

It’s widely expected that Ashton Carter is going to be nominated as the next Defense Secretary to replace Chuck Hagel, who recently was pushed out by President Obama. So it seemed like an opportune time to see that the latest podcast from venture capital firm Andreessen Horowitz was actually a panel discussion involving Carter and Yahoo’s security boss Alex Stamos. The whole podcast is actually quite interesting:

However, what struck me is that Carter actually makes a comment about Ed Snowden. In the past, Carter (who was deputy Defense Secretary — and, remember, NSA is a part of the Defense Department), has shied away from commenting on Snowden’s actions, instead focusing on the internal issues that allowed Snowden to do what he did. Here, he does more of the same, but drops in an aside about Snowden’s actions causing damage:

If anyone thinks we did a good job protecting Defense networks, take a look at Edward Snowden. Whatever you think of that, it was a classic insider threat — realized to the huge detriment of the country.

It would seem that his “whatever you think of that” is immediately negated by his “huge detriment to the country.” But I’m curious as to what that huge detriment really is. So far, all we’ve seen is that it revealed to the public abusive practices of the NSA and its partners, widespread mass surveillance on Americans that has raised significant questions of legality and constitutionality by all three branches of government. And yet, what hasn’t been shown is any harm caused by this.

Not that I’d expect a bigshot in the Defense Department to celebrate Snowden’s whistleblowing, but at the very least, you’d hope that some would avoid throwing around bogus smears that don’t seem to be supported by reality.

Later in the discussion there is a pretty interesting look at the state of cybersecurity issues. The big “information sharing” question is brought up, but more interesting is that Carter seems to admit that he’d be okay with the Justice Department handling cybersecurity issues, rather than the Defense Department. This is actually quite surprising. For years, we’ve highlighted that much of the fight within the government concerning cybersecurity legislation was really nothing more than a turf war between the Defense Department (NSA) and Homeland Security over who would get the purse strings for the massive cybersecurity budget. While Homeland Security has its problems, we’d greatly prefer a civilian agency have control over the situation, rather than a military one using its signals intelligence agency for cybersecurity (since the two goals there are clearly at odds). Carter surprisingly admits that it’s something of a turf battle, but seems to indicate his comfort with a third player handling it instead: the Justice Department. In fact, he even basically notes that, contrary to what the NSA (and others in the Defense Department) have claimed in the past, the NSA really isn’t that good at cybersecurity, since that’s not what its job is about:

A lot of the threat information that the government collects in the counterintelligence area, counterterrorism, protect your own networks area — some of its germane, but a lot of it is not really germane to these commercial attacks. Said differently, the government isn’t collecting a lot of information about these attacks. That’s thing one.

Thing two, which is less acceptable, is in this… the US federal government has still not made a decision in the manner of cyberdefense of the kind it had to make in the area of counterterrorism. Which is: is this an attack, a crime or a disaster? Now, why does that matter if it’s all three? Well, if it’s an attack, then you expect you defense establishment to take care of it. If it’s a crime, then you expect your law enforcement establishment to take care of it. And if it’s a disaster, then you expect your Homeland Security apparatus to take care of it.

So there’s been this sort of three-fold struggle over this. And you add this huge layer of lawyering — government lawyering, which is even worse — on top of this, and you have stasis and paralysis…. Even that which is collected and could be shared is inadequately shared, because of those trivial bureaucratic [logjam]….

… I think you see Jim Comey trying to [break that logjam]. My attitude, when I was representing the Defense Department, to Jim and his predecessor Bob Mueller, my attitude was ‘I’m not going to try to claim this. Go for it. And I’m 100% behind you.’ I could never get Homeland Security, quite honestly. Because they had the attitude that they wanted this bureaucratically. I mean all bureaucracies want things. And they wanted this. But they didn’t have the capability. Comey had the authorities and some reasonable technical capabilities. We had a lot of technical capability, but I didn’t feel like we were the right people to do it.

So my attitude was, “this is a national problem, let me just get in behind Jim and tell all my bureaucrats to stuff it and stop fighting with him and trying to seize it yourself” but I never got Homeland Security to that point of view.

That’s pretty interesting — because for years the view from the outside has always been that the Defense Department was the one that was actively demanding this control. The NSA, under Keith Alexander in particular, was pretty blatant about wanting the cybersecurity mandate. If Carter is really willing to give that up, that’s interesting. Though, of course, the NSA and FBI have a fairly close relationship — and I don’t see how handing this mandate over to the FBI is such a good idea either. You pretty quickly run into the same issues the NSA had (though sometimes with even less oversight).

Either way, given how much attention Carter is likely to get for his expected new role, it seems worth noting his views on these things that we discuss around these parts pretty frequently.

Filed Under: , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Expected Next Defense Department Boss Claims Snowden Leak A 'Huge Detriment' To US, Willing To Give Cybersecurity To FBI”

Subscribe: RSS Leave a comment
Violynne (profile) says:

But I’m curious as to what that huge detriment really is.
Well, let’s talk for starters all the business that’s being lost overseas by the NSA’s actions, the growing distrust of Americans against their own government, and the realization we’ve politicians who think the Constitution is more of a set of “guidelines” rather than the founding purpose for the reason this country exists.

Oh, wait a second. I see what you’re doing here. You’re asking about the detriment on their side.

I can probably count on one hand the people who care about that side, and from that, can show you who truly hates this country’s freedoms.

mcinsand (profile) says:

Re: What detriment!?!? I'll tell you what detriment!

Snowden’s revelations were a huge detriment to those in congress, senate, and NSA that believed that the Constitution was only to protect the little people from other little people. Snowden showed us that, given any chance at all, our government will happily shred The Bill of Rights while demonizing anyone that exposes their activities.

Anonymous Coward says:

Re: Re:

It seems a little overreached to conclude a bad intent on that comment. To me, his words mean that insider threats, in general, are a detriment.

When that is said, we can probable agree that “classic insider threat” is not even close to a relevant description of Snowden. Conscience leaks or whistleblowing is a relatively new thing and very easily distinguished from incentive based non-public leaks.

Calling this type of action a “classic insider threat” is problematic from the point of security since – if for nothing else – avoiding this type of action will take a completely different approach compared to classic espionage activity.

Anonymous Coward says:

If by “cybersecurity” he means actual SECURITY, and not “what the NAS has been doing so far in terms of cybersecurity”, then that might not be a bad idea.

Separate the defense from the offense. However, I very much fear this is intended to give FBI the same kind of hacking powers as NSA, which is what FBI has been asking for a while, too.

TruthHurts (profile) says:

Wasn't a detriment to the Country, only its' image of itself.

Snowden did a great favor to the citizens of the U.S.

He showed us where the corruption was.
He showed us where the real terrorists were (inside the government).
He showed us who the greatest threats to our way of life were (again, inside the government).

Snowden for President, 2016, 2020, 2024, 2028 (yes, I’d repeal term limits exclusively for Snowden).

Anonymous Coward says:

I thought the harm was that their criminal actions have been exposed and now they are worried about patriots rising to defend their country before its overthrown by the criminals in charge trying to legally deprive americans of their constitutional rights.

That is a very big threat to those that would rather have serfs than citizens

Buffy says:

I must take issue with the part about preferring to have a civilian agency in charge of cyber security. The NSA has made substantial contributions on that side as well as the more publicized attacks, where the DHS/DoJ/FBI seem to be a bunch of useless fools who mostly just get in the way and aim at the wrong targets. Of course “wrong targets” is subjective, but I’m assuming there may be more legitimate reasons to surveil foreign governments or actual hostiles than students who want to share public domain documents or people with unpopular opinions.

Anonymous Coward says:

Either way, given how much attention Carter is likely to get for his expected new role, it seems worth noting his views on these things that we discuss around these parts pretty frequently.

It just hit me that him saying those things in the interview was a signal to the DOD that he’s a team player. He’s basically subordinating himself to his underlings before he’s taking the position. Disgraceful.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...