X Close

World

Published: Thursday December 19, 2013 MYT 9:10:11 AM
Updated: Thursday December 19, 2013 MYT 9:10:11 AM

Surveillance review board recommends U.S. shift to cyber defence

An illustration picture shows the logo of the U.S. National Security Agency on the display of an iPhone in Berlin, June 7, 2013. REUTERS/Pawel Kopczynski

An illustration picture shows the logo of the U.S. National Security Agency on the display of an iPhone in Berlin, June 7, 2013. REUTERS/Pawel Kopczynski

SAN FRANCISCO (Reuters) - The task force appointed by the White House to review controversial surveillance programmes and other operations by the National Security Agency has recommended policy shifts that emphasise cybersecurity defence.

Among other proposals, the five-member panel's report issued on Wednesday said the NSA should refrain from inserting deliberate weaknesses in encryption systems that "guard global commerce."

Instead, the government should work to promote strong encryption, and its use "should be greatly expanded" to benefit the cause of Internet freedom and protect American business.

"Encryption is an essential basis for trust on the Internet; without such trust, valuable communications would not be possible. For the entire system to work, encryption software itself must be trustworthy," the panel wrote to the White House.

The panel also warned that concerns abroad about the revelations of widespread surveillance via U.S. technology companies "can directly reduce the market share" of these companies, reducing U.S. economic growth.

Such statements, along with the group's broader call to scale back mass data collection, were immediately welcomed by technology groups that have objected to the programs on behalf of member companies.

"Assurances such as these are vital to American companies' success in foreign markets. Equally important is the United States' credibility as a worldwide advocate for a communications tool that promotes democracy," said Computer & Communications Industry Association Chief Executive Ed Black.

"If we do not model the ideals of Internet privacy and freedom, some countries will use that perception to justify greater controls and censorship of the Internet."

Two other proposals will be welcome to many longtime cybersecurity defenders if adopted by the White House or Congress.

The first is that the NSA's Information Assurance Directorate be split off from the agency and housed at the Department of Defence.

The directorate is charged primarily with keeping military networks secure, but because of its expertise it has come to play a large role in protecting civilian and non-government assets as well.

Echoing private complaints from veterans of the agency, the review group said there has been an imbalance favouring offense within NSA, and that "potential conflicts of interest" arise when the dominant mission is penetration, not protection.

In a similar attempt to rebalance toward defence, the panel said the use of newly discovered flaws in software in attacks should be subjected to more careful review by representatives of multiple agencies.

Those flaws are known in the security world as zero-day vulnerabilities, because the maker of the software has had no notice of their existence. Trade in the programs that take advantage of such flaws has boomed in recent years, with U.S. intelligence agencies collectively the largest buyer.

As detailed in a May Reuters report, the use of zero-days alarms defenders for a number of reasons, including the fact that they can be bought simultaneously by hostile parties and that the U.S. agency buyers do not warn the software makers, leaving their customers exposed.

The review panel said that the National Security Council staff should review the use of zero-days and generally approve their use only in "rare instances" for high priority targets after senior review by multiple departments.

Most of the time, the report said, the government should use the information about zero-days to make sure that government and private networks are patched.

The NSA referred questions about the recommendations to the White House. A White House spokeswoman said they are not ready to respond to individual recommendations in the report.

advertisement

  1. Malaysian passport 9th best in the world
  2. Japanese oil tanker robbed, three crew believed kidnapped in dramatic dawn raid
  3. KL set to be in 'security lockdown'
  4. 'Godfather' believed to have killed 13-year-old boy
  5. Every kind of success in life depends on our virtues as a person
  6. Brave boy comforts family
  7. At the ‘mercy’ of drivers
  8. Mutual respect and tolerance fundamental to all religions, says British politician
  9. College staff turn to loan sharks after salaries unpaid for four months
  10. Selangor MB Khalid: Can't stop water rationing yet, but will review next week

advertisement

advertisement