The National Security Agency want to be able to hack more people, vacuum up even more of your internet records and have the keys to tech companies’ encryption – and, after 18 months of embarrassing inaction from Congress on surveillance reform, the NSA is now lobbying it for more powers, not less.
NSA director Mike Rogers testified in front of a Senate committee this week, lamenting that the poor ol’ NSA just doesn’t have the “cyber-offensive” capabilities (read: the ability to hack people) it needs to adequately defend the US. How cyber-attacking countries will help cyber-defense is anybody’s guess, but the idea that the NSA is somehow hamstrung is absurd.
The NSA runs sophisticated hacking operations all over the world. A Washington Post report showed that the NSA carried out 231 “offensive” operations in 2011 - and that number has surely grown since then. That report also revealed that the NSA runs a $652m project that has infected tens of thousands of computers with malware.
And that was four years ago - it’s likely increased significantly. A leaked presidential directive issued in 2012 called for an expanded list of hacking targets all over the world. The NSA spends ten of millions of dollars per year to procure “‘software vulnerabilities’ from private malware vendors” – ie, holes in software that will make their hacking much easier. The NSA has even created a system, according to Edward Snowden, that can automatically hack computers overseas that attempt to hack systems in the US.
Moving further in this direction, Rogers has also called for another new law that would force tech companies to install backdoors into all their encryption.The move has provoked condemnation and scorn from the entire security community - including a very public upbraiding by Yahoo’s top security executive - as it would be a disaster for the very cybersecurity that the director says is a top priority.