NSA Director on Sony Hack: ‘The Entire World is Watching’

National Security Agency Director Admiral Michael Rogers expressed support Thursday for the United States’ economic sanctions against North Korea in response to the hack on Sony Pictures Entertainment, and called the attack against the movie studio a “game changer” for cybersecurity.

“Sony is important to me because the entire world is watching how we as a nation are going to respond do this,” Rogers said Thursday at the International Conference on Cyber Security in New York. “If we don’t name names here, it will only encourage others to decide, ‘Well this must not be a red line for the United States.'”

After naming North Korea responsible for the attack against Sony, the U.S. announced sanctions last week against 10 individuals and three organizations in North Korea, including the state’s main intelligence agency and its primary arms exporter. The sanctions effectively denied them access to U.S. financial systems.

In his address at the conference, Rogers endorsed the U.S. response to the Sony attack, implying the U.S. government should have a key role in responding to some cyberattacks on private companies. “I don’t think it’s realistic” for private companies “to deal with [cyberattacks] totally by themselves,” he said.

Rogers that hacks against private companies may require economic sanctions. “Merely because something happens to us in the cyber arena, doesn’t mean that our response has to be focused in the cyber arena” he said. “I was very happy to see what we as a nation state decided to do,” referring to the response to North Korea.

He also expressed skepticism about so-called “hack backs” in which private companies strike back against hackers, saying they risk “fratricide” by escalating cyber attacks between nation states and institutions.

The NSA was asked to examine malware used in the Sony hack and played a supporting role in determining its origins, Rogers said. The November hack brought down the studio’s networks and resulted in the leaks of terabytes of files including unreleased films and employee Social Security numbers. President Obama said last month the U.S. would launch a proportional response to the attack.

Rogers said North Korea was responsible for the hack against Sony Pictures Entertainment, reaffirming government claims despite doubts among some cybersecurity experts. “I remain very confident: this was North Korea,” Rogers said.

The remarks come a day after FBI Director James Comey said North Korea was “sloppy” in concealing the attack and said he had “high confidence” the hermit state was responsible.
Some cybersecurity experts have argued that the evidence North Korea is behind the attack is inconclusive, noting that the hack may have been the work of disgruntled employees or criminals.

Rogers also urged Congress to pass legislation that would encourage information sharing between private companies and the government on cyber threats.

Time: http://ti.me/1kgYCqw

 

« Critical Infrasctructure: UK and US Power Grids - Under Cyber Attack Every Minute
Industrial Internet of Things: Big Opportunities and Challenges »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Blue Frost Security

Blue Frost Security

Blue Frost Security provides high-level IT security consulting, penetration testing services, ISO 27001 Solutions, PCI compliance solutions and training.

eScan AV

eScan AV

eScan develops Information Security solutions that provide protection against current and evolving cyber threats.

AML Solutions

AML Solutions

AML Solutions offer a full range of Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) services.

Cybellum

Cybellum

Cybellum provides software risk assessment for DevOps and security executives, by detecting vulnerabilities automatically, without source code.

PROMIA

PROMIA

PROMIA is in the business of providing solutions that are designed to support highly secure, reliable, scalable and interoperable business applications.

Bluink

Bluink

Bluink specializes in identity and access management and customer identity verification, using your smartphone as a strong authenticator and secure identity store.

3Elos

3Elos

3Elos operates in the Information Technology market with a focus on research, development, consulting, marketing and implementation of Information Security solutions.

Ukrainian Special Systems (USS)

Ukrainian Special Systems (USS)

Ukrainian Special Systems (USS) is a state-owned commercial enterprise providing confidential communication, trust services and services in the field of information protection.

CENSUS

CENSUS

CENSUS is a Cybersecurity services provider offering services to multiple industries worldwide such as Security Testing, Code Auditing, Secure SDLC, Vulnerability Research and Consulting Services.

COPA-DATA

COPA-DATA

COPA-DATA is the only independent software manufacturer to combine in-depth experience in automation with new possibilities of digital transformation – reliable, future-proof and operating worldwide.

Anura

Anura

The world’s most accurate ad fraud solution protects your web assets by eliminating bots, malware and human fraud, ensuring your content is seen by real people.

CyberXpert

CyberXpert

CyberXpert is your cybersecurity partner for the public and private sector in Belgium.

Security Discovery

Security Discovery

Stay ahead of cyber threats with Security Discovery. We offer expert consulting, comprehensive services, and a powerful vulnerability monitoring SaaS platform.

Redcoat AI

Redcoat AI

Redcoat AI provide a comprehensive security platform that continuously evolves with the threats and opportunities presented by AI.

Robosoft Technologies

Robosoft Technologies

Robosoft Technologies is a full-service digital transformation partner. We provide end-to-end digital transformation services in areas including cybersecurity.

Internet Initiative Japan (IIJ)

Internet Initiative Japan (IIJ)

IIJ is one of Japan's leading Internet-access and comprehensive network solutions providers.