X Close

World

Published: Thursday December 19, 2013 MYT 9:10:11 AM
Updated: Thursday December 19, 2013 MYT 9:10:11 AM

Surveillance review board recommends U.S. shift to cyber defence

An illustration picture shows the logo of the U.S. National Security Agency on the display of an iPhone in Berlin, June 7, 2013. REUTERS/Pawel Kopczynski

An illustration picture shows the logo of the U.S. National Security Agency on the display of an iPhone in Berlin, June 7, 2013. REUTERS/Pawel Kopczynski

SAN FRANCISCO (Reuters) - The task force appointed by the White House to review controversial surveillance programmes and other operations by the National Security Agency has recommended policy shifts that emphasise cybersecurity defence.

Among other proposals, the five-member panel's report issued on Wednesday said the NSA should refrain from inserting deliberate weaknesses in encryption systems that "guard global commerce."

Instead, the government should work to promote strong encryption, and its use "should be greatly expanded" to benefit the cause of Internet freedom and protect American business.

"Encryption is an essential basis for trust on the Internet; without such trust, valuable communications would not be possible. For the entire system to work, encryption software itself must be trustworthy," the panel wrote to the White House.

The panel also warned that concerns abroad about the revelations of widespread surveillance via U.S. technology companies "can directly reduce the market share" of these companies, reducing U.S. economic growth.

Such statements, along with the group's broader call to scale back mass data collection, were immediately welcomed by technology groups that have objected to the programs on behalf of member companies.

"Assurances such as these are vital to American companies' success in foreign markets. Equally important is the United States' credibility as a worldwide advocate for a communications tool that promotes democracy," said Computer & Communications Industry Association Chief Executive Ed Black.

"If we do not model the ideals of Internet privacy and freedom, some countries will use that perception to justify greater controls and censorship of the Internet."

Two other proposals will be welcome to many longtime cybersecurity defenders if adopted by the White House or Congress.

The first is that the NSA's Information Assurance Directorate be split off from the agency and housed at the Department of Defence.

The directorate is charged primarily with keeping military networks secure, but because of its expertise it has come to play a large role in protecting civilian and non-government assets as well.

Echoing private complaints from veterans of the agency, the review group said there has been an imbalance favouring offense within NSA, and that "potential conflicts of interest" arise when the dominant mission is penetration, not protection.

In a similar attempt to rebalance toward defence, the panel said the use of newly discovered flaws in software in attacks should be subjected to more careful review by representatives of multiple agencies.

Those flaws are known in the security world as zero-day vulnerabilities, because the maker of the software has had no notice of their existence. Trade in the programs that take advantage of such flaws has boomed in recent years, with U.S. intelligence agencies collectively the largest buyer.

As detailed in a May Reuters report, the use of zero-days alarms defenders for a number of reasons, including the fact that they can be bought simultaneously by hostile parties and that the U.S. agency buyers do not warn the software makers, leaving their customers exposed.

The review panel said that the National Security Council staff should review the use of zero-days and generally approve their use only in "rare instances" for high priority targets after senior review by multiple departments.

Most of the time, the report said, the government should use the information about zero-days to make sure that government and private networks are patched.

The NSA referred questions about the recommendations to the White House. A White House spokeswoman said they are not ready to respond to individual recommendations in the report.

advertisement

  1. Karpal Singh cremated after emotional farewell
  2. Karpal Singh’s final journey, thousands bid farewell
  3. Penang mourns passing of Karpal Singh, says Guan Eng in eulogy
  4. Karpal Singh: Photo Gallery
  5. Karpal Singh: Emotional moment as thousands pay their last respects at funeral
  6. Storify: The Tiger sleeps today
  7. Karpal, my hometown hero
  8. JPJ: Driving licence for automatic cars out in June
  9. MH370 search: Next 48 hours crucial, says Hishammuddin
  10. Gobind: My father was a simple man, who enjoyed simple things

advertisement

advertisement