National Security Agency Mission Statement
The National Security Agency/Central Security Service leads the community in delivering responsive, reliable, effective, and expert Signals Intelligence and Information Assurance products and services, and enables Network Warfare operations to gain a decisive information advantage for the Nation and our allies under all circumstances.
NSA Strategic Plan
- Mission – Deliver responsive, reliable, and effective Signals Intelligence and Information Assurance, and enable Network Warfare operations, for National Security under all circumstances.
- Transformation – Achieve global network dominance though the development and deployment of a new generation of globally distributed active and passive cryptologic capabilities.
- People – Enhance an expert workforce to meet global cryptologic challenges.
- Business Practices – Create and integrate effective and efficient business management practices within the enterprise and with stakeholders.
It is easy to conclude that Cybercom will exert a great influence over NSA and NSA’s cyber role, and that is true. However, NSA also has its own missions separate from Cybercom and will have unique needs for some cyber capabilities. We recommend tracking both Cybercom and NSA as separate entities when it comes to cyber.
Cyber/Information Technology Trends
- The NSA has been a key point of contact for cyber security across the DoD and FEDGOV. The NSA is entwined with the DHS to enable both their capabilities. This is part of the ‘Team Cyber’ initiative which began as a CNCI led initiative involving 6 Network Operations Centers. The initiative has involved to a very robust information exchange and liaison exchange activity captured in a signed MOU.
- NSA coordinates with many groups for cyber work. Key coordination elements include:
- NTOC – NSA/CSS Threat Operations Center, is a key visualization, correlation and coordination center located at NSA.
- JTF-GNO: Joint Task Force – Global Network Operations (disestablished 7 Sept 2010, now part of USCYBERCOM) contributed the bulk of defensive cyber capabilities to the new Cybercom mission. This core coordinates with NSA IAD and other elements of NSA.
- FBI-NCIJTF: Federal Bureau of Investigation – National Cyber Investigative Joint Task Force. This is another center NSA is in frequent coordination with.
- DC3: DoD Cyber Crime Center. Leads interface into law enforcement investigations for cyber and is also the interface for the DIB companies.
- Many NSA elements are also key components of the new DoD Cyber Command. Many other changes are captured in reporting we will provide separately.
Items of interest:
- The Head of NSA’s Threat Operations Center recently asked for the following from industry:
- In response to questions about what can we do to help?
- Visualization tools for network data
- advanced analytic techniques and technologies to analyze net move
- collaboration tools – secure tools necessary
- better cross-domain solutions
- search methods
- productivity tools for data correlation and workflow coordination
- need standards for how to describe
- seamless sharing
- training – need more skilled operators, defenders, and cyber professionals
- In response to questions about what can we do to help?
NSA hiring recruits for cyber Cold War
The NSA is looking to find cybersecurity experts. They hope to hire as many as 3,000 people over the next two years. NSA recruiters traveled to Las Vegas to scout the hacker conference DefCon. The lack of cybersecurity professionals is rampant throughout public and private industry. NSA is clearly preparing for an escalation of digital warfare.
Social Media vs Organized Crime
The NSA aims to use social media and improved data sharing as part of an enhanced strategy to fight organized crime in the US and abroad. Launched by the White House, the Strategy to Combat Transnational Organized Crime to step up its efforts to fight this type of crime by better integrating diverse work from various agencies that collect intelligence data, track and investigate these types of criminals. This plan will involve the Cyber Crimes Center to coordinate collection and analysis of intelligence.
SecurID users targeted by fake NSA email
RSA’s SecurID token users have recently been targeted with fake emails supposedly coming from the NSA, urging them to update their token code. This link leads them to a website which downloads a Trojan to their computer. This is further evidence of rampant phishing attacks on government users.
Cyberspace Attacks Increasing
The director of NSA stated that over 6M scans per day of US military networks are occurring. It is estimated that 55,000 new pieces of malware are evident each day. US military personnel are adapting by identifying operators attacking and probing networks, rather than just protecting them.
NSA looks to protect defense contractors from cyberattack
The NSA is offering its own scanning tools to protect e-mail and other digital communications for major defense contracts. NSA uses sophisticated data sets to scan traffic for malicious activity.
Data Computer Corporation of America nabs $27M DoD contract
This contract will provide systems engineering, software development and signals intelligence. This task order was won under the NSA’s Set-Aside for Small Business contract.
Congress asks to review NSA Contracts w/ HBGary, Palantir and Berico
Emails stolen from HBGary’s servers point to these three companies and NSA being involved attacks on WikiLeaks. This shows the absolute vulnerability of email servers, as well the tenacity of rogue groups like “Anonymous.” All networks, both public and private need to take this as a wake-up call and do everything they can to prevent adversaries from entering their networks.
Gen Alexander calls for Cyber force at RSA conference
General Alexander (Director of NSA and Commander of USCYBERCOM) stated “…need to concurrently push STEM and educate the public about what goes on these networks so that we can fix it as a team.” A cyber force would be a public/private partnership heavily reliant on academia. Additionally, he is looking to create and early warning system that could detect and defend against “sophisticated adversaries and malicious insiders.” Early warning systems have oft been touted, but would provide great payoff if proven to be accurate.
Break ground on Utah data center – $1.2B cyber defense project
- Rumor About NSA-Google Alliance to Stay Just That (fedcyber.com)
- Judge Says You Can’t Know If Google Spies For NSA (yro.slashdot.org)
- A.M. Links: NSA Looking to Universities for Cyber Ops, Facebook IPO Lawsuits, Lawmakers Target Anonymous Online Speech (txwclp.org)
- 3/28/2012: The DoD, the DHS, Losing in Cyberspace, and More (fedcyber.com)
- Anonymous Breaches the DoJ, Bomb Threat at NSA Data Center, and More (ctovision.com)
- NSA Teams Up With Colleges to Train Students for Secret Cyber-Ops Jobs (wired.com)
- Schools become cyber-ops centers for the NSA (rt.com)
- NSA to offer cyber-ops training at select universities (theverge.com)
- Class Requires Top Secret Clearance (abcnews.go.com)