[Infowarrior] - Control of Cybersecurity Becomes Divisive Issue

Richard Forno rforno at infowarrior.org
Fri Apr 17 11:54:22 UTC 2009 

April 17, 2009
Control of Cybersecurity Becomes Divisive Issue
By JAMES RISEN and ERIC LICHTBLAU

http://www.nytimes.com/2009/04/17/us/politics/17cyber.html?hp=&pagewanted=print

WASHINGTON — The National Security Agency has been campaigning to lead  
the government’s rapidly growing cybersecurity programs, raising  
privacy and civil liberties concerns among some officials who fear  
that the move could give the spy agency too much control over  
government computer networks.

The Obama administration is expected to complete an internal  
cybersecurity review on Friday and may publicly announce its new  
computer-security strategy as early as next week, White House  
officials said Thursday. That plan will determine the scope of  
cybersecurity efforts throughout the federal government, they said, as  
well as which agencies will take leading roles in protecting the  
government’s computer systems.

The security agency’s interest in taking over the dominant role has  
met resistance, including the resignation of the Homeland Security  
Department official who was until last month in charge of coordinating  
cybersecurity efforts throughout the government.

Rod Beckstrom, who resigned in March as director of the National Cyber  
Security Center at the Homeland Security Department, said in an  
interview that he feared that the N.S.A.’s push for a greater role in  
guarding the government’s computer systems could give it the power to  
collect and analyze every e-mail message, text message and Google  
search conducted by every employee in every federal agency.

Mr. Beckstrom said he believed that an intelligence service that is  
supposed to focus on foreign targets should not be given so much  
control over the flow of information within the United States  
government. To detect threats against the computer infrastructure —  
including hackers, viruses and intrusions by foreign agents and  
terrorists — cybersecurity guardians must have virtually unlimited  
access to networks. Mr. Beckstrom argues that those responsibilities  
should be divided among agencies.

“I have very serious concerns about the concentration of too much  
power in one agency,” he said. “Power over information is so  
important, and it is so difficult to monitor, that we need to have  
checks and balances.”

Government officials have acknowledged that the agency has gone beyond  
the broad limits set by Congress last year for intercepting telephone  
and e-mail messages of Americans. Leading Democratic and Republican  
lawmakers and civil liberties groups voiced strong concerns Thursday  
after The New York Times reported the breach.

Senator Dianne Feinstein, the California Democrat who leads the Senate  
Intelligence Committee, said in a statement that “these are serious  
allegations, and we will make sure we get the facts.” The committee  
plans to hold a closed hearing on the issue soon, Mrs. Feinstein said.

Representative Silvestre Reyes, the Texas Democrat who leads the House  
Intelligence Committee, said his panel had already held four closed- 
door sessions on N.S.A. compliance problems, and he said it would  
continue to monitor the issue actively. Representative Peter Hoekstra,  
the Michigan Republican who is the ranking minority member on the  
committee, complained, though, that the intelligence community had  
failed to inform Congress of the problem in “a quick and timely manner.”

Some lawmakers said hearings were not enough. Senator Russ Feingold, a  
Wisconsin Democrat who was an outspoken opponent of the legislation  
that broadened the security agency’s wiretapping powers last year,  
said the wiretapping problems were part of “a tragic retreat from the  
principles that had governed the sensitive area of government  
surveillance for the previous three decades.” Mr. Feingold called for  
reforms in intelligence law as well as the public release of certain  
aspects of wiretapping operations “so that the American people can  
better understand their scope and impact.”

Dennis C. Blair, the director of national intelligence, defended the  
agency’s wiretapping operation in a statement Thursday as “vital work”  
in protecting national security, but he acknowledged that “on  
occasion, N.S.A. has made mistakes and intercepted the wrong  
communications.” Mr. Blair said the numbers of such mistakes were  
“very small” in the agency’s vast overall collection efforts, although  
officials would not quantify how many violations had occurred.

Some experts said Thursday that the disclosure of excessive domestic  
collection of information by the security agency served as a warning  
against giving it greater control over cybersecurity.

“The N.S.A.’s expertise, which is impressive and very, very deep, is  
focused primarily on the needs of the military and the intelligence  
community,” said Matt Blaze, a computer security expert at the  
University of Pennsylvania. “Their track record in dealing with  
civilian communications security is mixed at best.”

Agency officials declined to comment Thursday, but the N.S.A. — which  
has the greatest concentration of computing power and expertise in the  
government — has powerful allies in its bid for control. Mr. Blair  
told Congress recently that he believed the agency should be given the  
lead in cybersecurity, arguing that it has the computer “wizards” with  
the skills needed.

In a recent interview, Dale Meyerrose, a retired Air Force general who  
was the chief information officer for the director of national  
intelligence until last year, agreed, saying that while intelligence  
officials need to be mindful of civil liberties concerns in the  
cybersecurity debate, the N.S.A. must have a leading role in that  
effort because of its technical expertise.

“They are probably the premier cybersecurity, cyberorganization in the  
world,” General Meyerrose said.

Like Mr. Beckstrom, others worry about giving a spy agency a virtual  
monopoly over information security.

“There is a tremendous amount of expertise at N.S.A.,” said Amit  
Yoran, the former director of the cybersecurity division of the  
Homeland Security Department, “but I also agree that it would be a  
significant detriment to the nation to let the N.S.A. be the lead  
agency running cyberprograms. There is an inherent conflict of  
interest between their intelligence mission and the mission of the  
folks doing cyber.”

More information about the Infowarrior mailing list