NSA Director: Expect More Hacks As Big As the OPM Heist
National Security Agency director Mike Rogers speaks at Stanford University, Monday, Nov. 3, 2014, in Stanford, Calif. Rogers told professors and students that U.S. intelligence is depending on Silicon Valley innovation for technologies that strengthen th AP Photo/Marcio Jose Sanchez
To protect itself, the Defense Department is itemizing the military's stored away files and re-examining how they are secured, NSA and Cyber Command leader and Adm. Mike Rogers said.
The head of the National Security Agency, who doubles as the Pentagon's cybersecurity lead, expects there will be more hacks as big as the Office of Personnel Management data heist.
Grouping the OPM theft with a data compromise at health insurer Anthem that victimized 78.8 million people, Adm. Mike Rogers said such large quantities of information are in demand precisely because of their size.
"OPM, in some ways shows, although you could have said the same thing from the Anthem health insurance hack” of December 2014, that "data is increasingly a commodity of value all on its own," Rogers, leader of NSA and U.S. Cyber Command, said Thursday.
Five to 10 years ago, "we thought there's just so much data here, no one could put it all together,” he said. “Its very size makes it very difficult for an adversary to generate knowledge or understanding out of it.”
Now, so-called big data analytics has the power to digest information in ways that let industry observe consumer habits to tailor advertising and let spies uncover abnormal behaviors to spot persons of interest.
"What you saw at OPM, my comment would be, you are going to see a whole lot more of," Rogers said during remarks at the Atlantic Council. The computer intrusion captured biographies on 21.5 million national security employees and their families.
To protect itself, the Defense Department is itemizing the military's stored away files and re-examining how they are secured, he said. It is a task that will not be completed in a short time period, Rogers added.
“We're asking ourselves: What are our large data concentrations? Where are they? Are they appropriately protected?” he said. “In the world we are living in now, as opposed to the world we lived in when we created some of them, do we need to look at things a little differently?"
Civilian agencies, similarly, are hustling to meet various deadlines for identifying their most prized data, under an October 2015 White House Cybersecurity Strategy and Implementation Plan.
Andy Ozment, assistant secretary of the Department of Homeland Security Office of Cybersecurity and Communications, told Nextgov last week the real challenge will be afterward, when agencies work to insulate the files from less secure nodes on their networks.
The same gang of Chinese-financed hackers allegedly assaulted both Anthem and OPM, according to Bloomberg. Rogers on Thursday did not identify the originator of either attack, although his colleague Director of National Intelligence James Clapper in June 2015 fingered China for the OPM network intrusion.
To Rogers’ point, nation states around the globe, including China and America, have caught on to the practicality of intelligence mashups.
A month after the U.S. government disclosed the OPM debacle, China's state-owned news service announced the launch of the country's first local community "data analytic system" and plans to open more systems in other parts of the country. The data-crunching application “also links courts across the country with government branches and banks, facilitating inquiries and freezing of accounts that belong to those who default on court decisions,” Xinhau reported July 5, 2015.
Meanwhile, the Obama administration has up its sleeves Palantir, a secretive analytics startup partially bankrolled by CIA venture capital arm In-Q-Tel. The Palo Alto, California, firm recently increased its total value to about $20 billion.
On Thursday, Rogers did not categorize the snooping at OPM as legal or illegal.
The situation, he said, hits on the international issue of determining what types of cyberspace surveillance activities are acceptable.
“We certainly acknowledge every nation around the world uses capabilities within its means to try to better understand the world around it. And we call that spying and espionage,” Rogers said.
“If it helps us generate greater understanding of the world around us and the actions and thoughts of the parties we are dealing with -- that's a positive for nations, it's a positive for the broader world," he added.