NSA Chief Warns Of Pending Cyberattack... Which He Wants To Make Easier With Backdoors

from the ridiculous dept

NSA Director Admiral Mike Rogers has often seemed somewhat more reasonable than his predecessor, but he's still not above spewing FUD. The latest is that, last week, he pulled out the favorite of surveillance state supporters everywhere: the pending cyberpocalypse, in which hackers take down the economy. Prepare for the "dramatic cyberattack" that is inevitably on the way:
The director of the National Security Agency issued a warning Thursday about cyberthreats emerging from other countries against networks running critical U.S. infrastructure systems.

Adm. Michael Rogers said he expects a major cyberattack against the U.S. in the next decade. “It’s only a matter of the ‘when,’ not the ‘if,’ that we are going to see something dramatic,” he said.
Of course, as venture capitalist/entrepreneur Marc Andreessen pointed out in response, the best way to stop that from happening would be to not require that software have backdoors that can easily be hacked:

And, in some ways, it's even worse than that. Even as law enforcement, intelligence officials and clueless commentators keep pushing for less encryption and more backdoors, those in the actual security world know that the best way to keep things secure is with more encryption, not less. It means fewer security holes and backdoors, not more. And yet the NSA seems to be working actively against that.

Filed Under: admiral michael rogers, backdoors, cyberattack, marc andreessen, nsa


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Rich Kulawiec, 24 Nov 2014 @ 1:54pm

    He's right -- except for one small detail

    There has been a major cyberattack -- the news just broke yesterday: http://www.pcworld.com/article/2851472/symantec-identifies-sophisticated-stealthy-regin-malware.html and http://www.theregister.co.uk/2014/11/24/regin/ provide a quick guide to it.

    Oh. That one small detail? It looks like the US and the UK are the ones behind this: http://www.zdnet.com/now-we-know-who-developed-state-sponsored-regin-malware-7000036111/

    Oops.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 24 Nov 2014 @ 9:02pm

      Re: He's right -- except for one small detail

      Thx for the links.
      So the US has been involved in the 2 big attacks (stux and this one)? No wonder they are affraid people will attack them. If you keep punching someone chances are the person will fight back sooner or later.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 Nov 2014 @ 1:57pm

    Lets put in the backdoors so that after they have been used to take over our systems in a cyberattack we can attack right back; seems like a good plan.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 Nov 2014 @ 1:57pm

    This wouldn't be the same "cyber-Pearl Harbor!" the government was trying to scare us with a couple of years ago, would it?

    You'd think after years of being frightened somebody would have moved "critical U.S. infrastructure systems" off the fucking internet.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 Nov 2014 @ 1:58pm

    >Something will happen within the next ten years.

    Frankly, i'm surprised it hasn't happened yet. That bet is pretty conservative considering how insecure everything is.

    reply to this | link to this | view in chronology ]

  • icon
    DannyB (profile), 24 Nov 2014 @ 2:03pm

    The Golden Key

    They want back doors that require a Golden Key.

    Of course, these Golden Keys would never fall into the wrong hands*.


    *wrong hands includes but is not limited to: the NSA, CIA, FIB, other government agencies, state and local police forces, and other criminal organizations.

    reply to this | link to this | view in chronology ]

    • identicon
      Chris Brand, 24 Nov 2014 @ 2:08pm

      Re: The Golden Key

      I thought they'd said that they didn't want back doors any more. Now they want magical front doors or ... wands of polymorph or something.

      reply to this | link to this | view in chronology ]

      • icon
        Rikuo (profile), 24 Nov 2014 @ 2:27pm

        Re: Re: The Golden Key

        I remember those wands in Baldur's Gate. Turned targets into squirrels. Is that what they really want?

        reply to this | link to this | view in chronology ]

        • icon
          That One Guy (profile), 24 Nov 2014 @ 5:39pm

          You'd have to be nuts not to

          The ability to turn smartphone and computers into squirrels?

          Who wouldn't want that ability?

          reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 24 Nov 2014 @ 8:45pm

          Re: Re: Re: The Golden Key

          Is that what they really want?

          No it's more like the Cursed Potion of Speed:

          "The character is out of control and will wander around and attack others (including allies) randomly."

          reply to this | link to this | view in chronology ]

  • icon
    That One Guy (profile), 24 Nov 2014 @ 2:27pm

    The director of the National Security Agency issued a warning Thursday about cyberthreats emerging from other countries against networks running critical U.S. infrastructure systems.

    You know how you solve that problem? Don't connect critical systems to the internet in the first place. If someone has to be physically at the location of the system in order to even be able to hack into it, that right there will eliminate the vast majority of threats.

    If they really cared about keeping critical systems safe, that is what they would be pushing. Instead what are they pushing for? Less security, by introducing and making mandatory more vulnerabilities in those systems, and for no other reason than to make their jobs easier.

    They don't want critical systems to be secure, they want them to be vulnerable, as it gives them an excuse to swoop in and offer to 'protect' them.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 24 Nov 2014 @ 3:05pm

      Re:

      If you need remote access for monitoring and control, which usually has low data requirements, use a ring back/ring the control center on state change system. That way only the control center has the ability to control the system, and all anybody else can do is get it to ring the control center.

      reply to this | link to this | view in chronology ]

      • icon
        That One Guy (profile), 24 Nov 2014 @ 5:13pm

        Re: Re:

        Still leaves open the most effective hacking method(social engineering), but it would at least be a better method than having the systems accessible directly from off-site.

        reply to this | link to this | view in chronology ]

  • icon
    Roger Strong (profile), 24 Nov 2014 @ 2:37pm

    Lead By Example

    Perhaps Director Rogers could demonstrate his sincerity by installing back doors in intelligence agency systems for better congressional oversight.

    reply to this | link to this | view in chronology ]

  • icon
    ChurchHatesTucker (profile), 24 Nov 2014 @ 2:47pm

    OK...

    Adm. Michael Rogers said he expects a major cyberattack against the U.S. in the next decade.

    So, any year now...

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 Nov 2014 @ 2:48pm

    Classic doublethink.
    Make things more secure by making it less secure.
    Par for the fucking course.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 Nov 2014 @ 2:53pm

    If you stare into a mirror and keep chanting "cyberwar, cyberwar" the headless ghost of a Chinese hacker will appear RIGHT BEHIND YOU!!!

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 Nov 2014 @ 2:56pm

    Of course the NSA is pushing for backdoors! Haven't you guys been reading about Regin, the newly disclosed nation-state malware that's been backdooring GSM cellphone network infrastructure and backdooring cryptography expert computers?

    http://www.securityweek.com/symantec-uncovers-stealthy-nation-state-cyber-attack-platform

    h ttps://threatpost.com/regin-cyberespionage-platform-also-spies-on-gsm-networks/109539

    Telling the NSA and GCHQ to give up their backdoors, is like asking a crack addict to quit using crack.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 Nov 2014 @ 3:03pm

    The other interesting thing about the Regin backdoor, is all the cellphone tracking technology built into cellphones by law. Is now under hacker's control.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 24 Nov 2014 @ 4:05pm

      Re:

      Given the choice between some hacker's control and the government's control, I'll take the hacker's. What's he going to do? Demand my dirty pictures? Put smarmy ads on my phone? Steal my paltry few dollars?

      And what would a government do? Monitor my communications/movements for the ever-shifting 'suspicious behaviour'. Mark my location for the army of minimum wage armed thugs itching to play with their military-grade hardware. And, ultimately, put my data in an unsecured laptop left in the back of a car where some hacker will get it anyway.

      reply to this | link to this | view in chronology ]

      • icon
        orbitalinsertion (profile), 24 Nov 2014 @ 5:58pm

        Re: Re:

        Yeah, if only the government just wanted a fifty dollar GreenDot money transfer to "fix the computer" that is definitely going to crash in the next day or two.

        reply to this | link to this | view in chronology ]

      • icon
        BernardoVerda (profile), 24 Nov 2014 @ 8:27pm

        Re: Re:

        Get abused &/or exploited by criminals;
        Get abused &/or exploited by corporations;
        Get abused &/or exploited by government;

        What makes you think any of these are necessarily preferable to any of the others (aside from some deficiency of the imagination)?

        reply to this | link to this | view in chronology ]

        • icon
          That One Guy (profile), 24 Nov 2014 @ 8:49pm

          Re: Re: Re:

          ... the criminals at least are honest enough about their actions and don't pretend that they're screwing you over 'for your own good'?

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 25 Nov 2014 @ 10:53am

            Re: Re: Re: Re:

            Not to mention that you can actually fight criminals. That is what makes cops scarier. Even if they're deep in the wrong you're still screwed for fighting back.

            reply to this | link to this | view in chronology ]

            • icon
              That One Guy (profile), 25 Nov 2014 @ 3:20pm

              Re: Re: Re: Re: Re:

              Yeah, I'll take a mugger over a cop any day. I can defend myself from a mugger, trying to do the same with a cop is likely to get me hospitalized, killed, or thrown in prison.

              reply to this | link to this | view in chronology ]

        • identicon
          AnonyBabs, 25 Nov 2014 @ 12:24pm

          Re: Re: Re:

          Criminals cannot "legally" throw you in jail or physically deprive you of all possessions or kill you. Corporations can but have to try pretty hard. Governments scarcely have to try at all.

          reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 Nov 2014 @ 3:46pm

    They already been approved tons of everything to catch those in the War On Drugs. Funny how that hasn't stopped anything. They've arrested so many that we have the worlds' #1 amount of prisoner population. Yet we are still hearing from those the cry for every more access.

    Russia and it's various old satellites it gave up have been a steady source of malware for robbing banks electronically for better than a decade. They almost never catch the ones that did it. Same with credit cards.

    Now pile on this pile that the US has owned up to distribution malware. Those little gems like Stuxnet or the recently discovered Regin. A/V companies say only a state sponsored program can deliver it at this level of complexity. Congress got the willies over China's possible hacking of routers, banning them in the US. Then up comes a photo of the NSA doing the same damn thing.

    Face it, the US escalated this and now they are running with a guilty conscious. The Pearl Harbor is the fear that others will do what the US has shown it can do. I'm getting to where I fear my government and their actions more than the hackers.

    reply to this | link to this | view in chronology ]

  • identicon
    tomczerniawski, 24 Nov 2014 @ 4:26pm

    "Peedy-files and terrorists! Hackers behind every blade of grass! Doom closing its icy fingers around your throats, citizens of America! Now, turn over your encryption keys, so we can keep you niiiiice and safe..."

    reply to this | link to this | view in chronology ]

  • icon
    Uriel-238 (profile), 24 Nov 2014 @ 4:35pm

    Because Logic!

    my last version of this post submitted prematurely without a message. All apologies.

    No wait! Because lies!

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 Nov 2014 @ 4:44pm

    There will be attacks - enabled by the backdoors.

    -Self fulfilling prophecy-

    reply to this | link to this | view in chronology ]

  • icon
    drjimmy (profile), 24 Nov 2014 @ 4:58pm

    Let's face it, the people in charge of the security of this country are basically idiots. This is why they argue contrary to experts and common sense. In order for the government (made up of idiots) to do their jobs, it has to be easy.

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 24 Nov 2014 @ 5:07pm

      Re:

      Idiocy would probably be an improvement actually, as you can educate an idiot, and as long as it's a well meaning idiot, there's at least a chance they'll change when they are shown how their actions are just making things worse.

      No, the NSA's main problems are arrogance and indifference. They assume that no-one could possibly take advantage of the security weaknesses they create, and simply don't care how much they screw over everyone else, as long as they can continue to do whatever they want to.

      reply to this | link to this | view in chronology ]

  • icon
    BentFranklin (profile), 24 Nov 2014 @ 5:03pm

    If the NSA is so competent at securing computers, why doesn't the NSA start by securing all the government computers? They don't even have to ask permission because the government already owns them. If the NSA can totally secure all the government computers, then I'll consider letting them handle my security.

    reply to this | link to this | view in chronology ]

  • identicon
    justme, 24 Nov 2014 @ 5:43pm

    Problem: Your house will be burglarized within the next 10 years.
    Solution: Install new locks on all doors and leave a key under the doormat so we can ensure your house is secure!

    doh! :)

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 Nov 2014 @ 8:39pm

    FBI wants a Golden Key, so they can give us a

    Golden Shower on all of our rights.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 Nov 2014 @ 10:05pm

    ...the pending cyberpocalypse, in which hackers take down the economy.
    It took him all this time to find out that Keith Alexander is working with the financial industry?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 24 Nov 2014 @ 10:34pm

    It is kind of funny...

    10 years ago they were all like: "Every country should be like ours... the land of the free and democracy"
    Today they are like: "FEEEEAR the world! because there might be people out there who are as bad as we are!"

    reply to this | link to this | view in chronology ]

  • identicon
    Guardian, 25 Nov 2014 @ 6:42am

    as a hacker i applaud this move

    teehee ....we wil get your back doors too , thanks to your govt....

    and we wont tell you when we pwn you....enjoy

    reply to this | link to this | view in chronology ]

  • identicon
    comment held for moderation, 25 Nov 2014 @ 6:44am

    censorship on techdirt

    OH MY

    seems the web gods have turned shit up on this site to make it bend over...

    as said as a actual hacker im laughing my ass off at this....can't wait to test out all the apps after this passes and its like being back in the xp days for years we held a nice lil back door , heck sony even got hold of that rootkit....with process hiders and anti virus protecting it , WEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE

    good times....

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 25 Nov 2014 @ 9:19am

    Critical infrastructure to the nation should not be connected to the fucking internet. How difficult is this to comprehend?

    reply to this | link to this | view in chronology ]

  • icon
    GEMont (profile), 26 Nov 2014 @ 1:54am

    Look!! In the Sky!! Its a Terrorist! No its a Cyber Terrorist!!

    "“It’s only a matter of the ‘when,’ not the ‘if,’ that we are going to see something dramatic,” he said. "

    Oh absolutely.

    As soon as the CIA and NSA can be reasonably sure that their crack Army Signals hacker team won't get caught, and can make it appear to be an attack by ISIS/ISIL - they'll be pulling another Electronic Pearl Harbor on the Good Old Gullible US citizenry for certain.

    If they can fake a terrorist attack by ISIS/ISIL on American soil - so to speak - just think how the US public will be shitting their pants and demanding the USG protect them from the masked evil overlords of doom.

    And it'll work too. Every false flag op the USG has pulled since the Lucitania has worked like a charm, just like Goering said they would.

    =====================================================
    "Naturally, the common people don't want war;
    neither in Russia nor in England nor in America,
    nor for that matter in Germany.
    That is understood. But, after all, it is the leaders
    of the country who determine the policy and
    it is always a simple matter to drag the people
    along, whether it is a democracy or a fascist
    dictatorship or a Parliament or a Communist
    dictatorship. Voice or no voice, the people can
    always be brought to the bidding of the leaders.
    That is easy. All you have to do is tell them
    they are being attacked and denounce the
    pacifists for lack of patriotism and exposing
    the country to danger. It works the same way
    in any country."

    - Hermann Goering, Nazi Reichsmarshall
    ===================================================

    These guys spend probably three quarters of their time manufacturing possible false flag scenarios, for fun and profit. After all, there is no better "enemy" than the ones you create yourself, from whole cloth.

    ---

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Show Now: Takedown
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.