Investigations into the recently revealed NSA hack of 2015 continue to have their ripple effects through the industry.
The saga began a bit over a month ago when the Department of Homeland Security (DHS) issued a ban on the use of software produced by Moscow based Kaspersky cybersecurity firm in all federal agencies. DHS cited unspecified security concerns relating to the company due to suspicions of links to the Russian intelligence community.
Soon after, the revelation of a major cyber attack on the National Security Agency (NSA), which occurred in 2015, began to be reported by US media. Reports stated that Russian linked hackers had successfully breached the computers of NSA contractors by exploiting weaknesses in Kaspersky software on the machines. Kaspersky for its part has all the while vehemently denied any involvement in the incident and company head Eugene Kaspersky even offered to testify in front of Congress regarding the incident.
The investigations into the NSA hack have produced some important results as of late that have the potential to affect both US intelligence community (IC) policies, as well as the relationship between big tech and government policing agencies.
First off, revelations of the hack have started to call into question once again the ability of intelligence agencies to keep a handle on their contractors. The IC employs armies of third-party workers to deal with what is known as the “information glut,” the need to effectively sift through, identify, and analyze important information collected by the various mediums deployed by American spying groups. The infamous Edward Snowden, who orchestrated a massive data leak of sensitive files in 2013, was employed by the NSA and CIA as a contractor. Since then, policymakers have become more and more aware of security risks associated with third-party workers, culminating in this current, ongoing story.
Of course, Snowden was an extreme case, a deliberate attempt to disclose data, motivated by ideological factors. The more pertinent threat associated with contractors is keeping tabs on their security practices that leave IC assets exposed.
The problem is not an easy one to address. As Michael Daniel, former President Barack Obama’s cybersecurity coordinator recently stated, “the federal government supervisor sitting in the same space as a given contractor can't really do personnel oversight, because they are a contractor, on the other hand, the contractor's home company never sees them, because they are always off on contract sites.” Thus the responsibility of security oversight gets shifted around and never handled efficiently.
A likely outcome in reaction to this may be a series of protocols regarding individual contractor screenings, a step that may substantially affect the way the IC operates considering their heavy reliance on these workers.
As a final note, there is one other thing that observers should begin to pay attention to within the web of events surrounding the NSA hack.
Recently, Kaspersky has announced its cooperation with the cybercrime unit of Interpol. According to a company statement, it has already assisted the international police organization with identifying and shutting down thousands of illicit cyber activities including botnet servers and compromised websites posing as legitimate.
It is no coincidence that the company has taken this move in the midst of the current investigation, in regards to which it is desperately trying to maintain an image of innocence.
With other Big Tech firms under government spotlight as of late, it will not be surprising to see other companies offering their assistance to policing organizations in an effort to bolster an image of being on the right team in the cyberspace war.