NSA wages secret war against encryption

Snowden documents show questionable deals to get ‘keys’ to systems

continued from page 2

Question of the Day

Should Congress make English the official language of the U.S.?

View results

Analysts note that, because of the open nature of the Internet, attack technologies tend to proliferate quickly, increasing the likelihood that criminals and others will get access to NSA cyberweapons.

Craig Mundie, a senior adviser to the CEO of Microsoft Corp., said that when a cyberweapon is used, “every bad guy in the world gets to watch.”

As a result, “this [cyberattack] capability escalates globally very rapidly,” he said.

The trust factor

Critics say the NSA’s dual attitude toward vulnerabilities it discovers or plants in software is an inescapable byproduct of the agency’s twofold role.

In assuring the integrity of vital U.S. communications, the NSA relies on encryption and other technologies to make online communications secure. But as the government's premier surveillance agency, it is dedicated to defeating those same technologies.

The encryption revelations “highlight the problem of having information assurance and signals intelligence under the same roof,” said Kevin Bankston, senior counsel with the Center for Democracy and Technology, a nonprofit that advocates for Internet freedom.

The agency, Mr. Bankston notes, is supposed to play a key role in securing vital privately owned U.S. infrastructure from computer attack.

But as an Internet or telecommunications service provider, “you’d be crazy to ask the NSA for help now” fighting a virus or other computer attack, said Alan B. Davidson, who was head of public policy for Google Inc. for seven years until 2012.

Mr. Davidson, now a researcher at the Massachusetts Institute of Technology, said the NSA has undermined trust in the government’s role as a guarantor of Internet security.

“Government could and should have a role,” he said, “but it can’t if it’s not trusted.”

Many cryptologists believe the effort to subvert encryption and other means to achieve anonymity, privacy and security on the Internet also makes the U.S. — and the rest of the world — less safe online.

“Dependable computing is essential to our society. You have to be able to trust your computer,” Mr. Ylonen said.

Encryption is essential to the security of critical infrastructure such as major credit card companies and other financial services, he said. “Undermining them damages cybersecurity.”

© Copyright 2014 The Washington Times, LLC. Click here for reprint permission.

About the Author
Shaun Waterman

Shaun Waterman

Shaun Waterman is an award-winning reporter for The Washington Times, covering foreign affairs, defense and cybersecurity. He was a senior editor and correspondent for United Press International for nearly a decade, and has covered the Department of Homeland Security since 2003. His reporting on the Sept. 11 Commission and the tortuous process by which some of its recommendations finally became ...

Latest Stories

Latest Blog Entries

Comments
blog comments powered by Disqus
TWT Video Picks