NSA Director on Sony Hack: ‘The Entire World is Watching’

Uploaded on 2015-01-29 in FREE TO VIEW, GOVERNMENT-Defence, NEWS-News Analysis

National Security Agency Director Admiral Michael Rogers expressed support Thursday for the United States’ economic sanctions against North Korea in response to the hack on Sony Pictures Entertainment, and called the attack against the movie studio a “game changer” for cybersecurity.

“Sony is important to me because the entire world is watching how we as a nation are going to respond do this,” Rogers said Thursday at the International Conference on Cyber Security in New York. “If we don’t name names here, it will only encourage others to decide, ‘Well this must not be a red line for the United States.'”

After naming North Korea responsible for the attack against Sony, the U.S. announced sanctions last week against 10 individuals and three organizations in North Korea, including the state’s main intelligence agency and its primary arms exporter. The sanctions effectively denied them access to U.S. financial systems.

In his address at the conference, Rogers endorsed the U.S. response to the Sony attack, implying the U.S. government should have a key role in responding to some cyberattacks on private companies. “I don’t think it’s realistic” for private companies “to deal with [cyberattacks] totally by themselves,” he said.

Rogers that hacks against private companies may require economic sanctions. “Merely because something happens to us in the cyber arena, doesn’t mean that our response has to be focused in the cyber arena” he said. “I was very happy to see what we as a nation state decided to do,” referring to the response to North Korea.

He also expressed skepticism about so-called “hack backs” in which private companies strike back against hackers, saying they risk “fratricide” by escalating cyber attacks between nation states and institutions.

The NSA was asked to examine malware used in the Sony hack and played a supporting role in determining its origins, Rogers said. The November hack brought down the studio’s networks and resulted in the leaks of terabytes of files including unreleased films and employee Social Security numbers. President Obama said last month the U.S. would launch a proportional response to the attack.

Rogers said North Korea was responsible for the hack against Sony Pictures Entertainment, reaffirming government claims despite doubts among some cybersecurity experts. “I remain very confident: this was North Korea,” Rogers said.

The remarks come a day after FBI Director James Comey said North Korea was “sloppy” in concealing the attack and said he had “high confidence” the hermit state was responsible.
Some cybersecurity experts have argued that the evidence North Korea is behind the attack is inconclusive, noting that the hack may have been the work of disgruntled employees or criminals.

Rogers also urged Congress to pass legislation that would encourage information sharing between private companies and the government on cyber threats.

Time: http://ti.me/1kgYCqw

 

« Critical Infrasctructure: UK and US Power Grids - Under Cyber Attack Every Minute
Industrial Internet of Things: Big Opportunities and Challenges »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

WEBINAR: How To Build And Implement An Effective Endpoint Detection And Response Strategy

WEBINAR: How To Build And Implement An Effective Endpoint Detection And Response Strategy

Join this webinar to learn how the cloud threat landscape is evolving and organizations are deploying more advanced and capable security controls at scale.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

SmartSearch

SmartSearch

SmartSearch is a leading online provider of Anti-Money Laundering and Fraud Prevention Services.

CertiKit

CertiKit

CertiKit produce toolkit products that accelerate the adoption of ISO/IEC standards, including ISO 27001, helping organizations all over the world to realize the benefits as soon as possible.

Critifence

Critifence

Critifence provides unique Cyber Security solutions designed for Critical Infrastructure, SCADA and Industrial Control Systems.

SentryBay

SentryBay

SentryBay is a real-time data security company developing technology for PC, mobile, the cloud and IoT.

ThreatSpike Labs

ThreatSpike Labs

ThreatSpike Labs provides the first end-to-end fully managed security service for companies of all sizes.

GMV

GMV

GMV is a technological business group offering solutions, services and products in diverse sectors including Intelligent Transportation Systems, Cybersecurity, Telecoms and IT.

NeuroChain

NeuroChain

NeuroChain is an intelligent ecosystem that is more secure, more reliable and much faster than blockchain.

Scythe

Scythe

SCYTHE is a next generation red team platform for continuous and realistic enterprise risk assessments.

Appgate

Appgate

Appgate is the secure access company. We empower how people work and connect by providing solutions purpose-built on Zero Trust security principles.

Noname Security

Noname Security

Noname Security detects and resolves API vulnerabilities and misconfigurations before they are exploited.

Open Quantum Safe (OQS)

Open Quantum Safe (OQS)

The Open Quantum Safe (OQS) project is an open-source project that aims to support the development and prototyping of quantum-resistant cryptography.

Moro Hub

Moro Hub

Moro Hub, a subsidiary of Digital DEWA, is a UAE-based digital data hub focused on digital transformation and operational services.

NetCentrics

NetCentrics

NetCentrics leverages an innovative, agile, ‘what’s-next’ approach to our customers’ IT and cyber challenges.

CyberUp

CyberUp

CyberUp is a nonprofit organization created to strengthen the cybersecurity workforce. We help employers reimagine how they grow and scale their cybersecurity workforce.

Flare Systems

Flare Systems

Flare proactively detects and remediates exposure across the clear & dark web, providing organizations with the equivalent of an automated cyber reconnaissance team.

Bastion Technologies

Bastion Technologies

All your cyber defense. One platform. Keep your business assets and employees safe under one roof. Manage your cyber defense quickly, easily & efficiently.