NSA: Just say no to hacking back
The National Security Agency's chief counsel said organizations that suspect a cyberattack should call Homeland Security or the FBI instead.
The NSA is taking a strong stance against hacking back.
If an organization should see evidence of an ongoing cyberattack, it should alert the FBI or Homeland Security, Glenn Gerstell, the National Security Agency's chief counsel, told reporters at the 2019 Intelligence and National Security Summit. "Both are in a position through their interagency task force to summon whatever resources of government are appropriate at that time," he said.
At a Sept. 5 panel discussion on hacking back, Gerstell did not directly address concerns that former intelligence officers entering the private sector overseas engaging in hacking-back efforts, but he said "they are free to undertake whatever private-sector activities they want to take" but are "responsible for protecting the secrets of the federal government for their life."
Gerstell also touted the NSA's new Cybersecurity Directorate, led by Anne Neuberger, that's set to launch Oct. 1 and will help streamline information sharing.
"The NSA for decades has had a cybersecurity and information assurance mission, but the result … of the 2018 election as well as the general growth in cyber mischief have convinced us that it's important for us to have one integrated focal point within the National Security Agency to deal with the cybersecurity threats rather than have it dispersed," Gerstell told reporters following a panel discussion.
The new directorate will serve as a centralized point that will enable some foreign governments, as well as the U.S. public and private sectors to share information and have "one significant point of contact to be able to harness all the resources within NSA to address cyber threats," he said.
Gerstell explained that the directorate would "engage as appropriate where we have the authority with the private sector and other federal government agencies." The directorate would also turn information over to entities who could take action, such as the FBI or U.S. Cyber Command.
This article first appeared on FCW, a partner site to Defense Systems.