Expected Next Defense Department Boss Claims Snowden Leak A 'Huge Detriment' To US, Willing To Give Cybersecurity To FBI

from the of-course dept

If anyone thinks we did a good job protecting Defense networks, take a look at Edward Snowden. Whatever you think of that, it was a classic insider threat -- realized to the huge detriment of the country.

A lot of the threat information that the government collects in the counterintelligence area, counterterrorism, protect your own networks area -- some of its germane, but a lot of it is not really germane to these commercial attacks. Said differently, the government isn't collecting a lot of information about these attacks. That's thing one.



Thing two, which is less acceptable, is in this... the US federal government has still not made a decision in the manner of cyberdefense of the kind it had to make in the area of counterterrorism. Which is: is this an attack, a crime or a disaster? Now, why does that matter if it's all three? Well, if it's an attack, then you expect you defense establishment to take care of it. If it's a crime, then you expect your law enforcement establishment to take care of it. And if it's a disaster, then you expect your Homeland Security apparatus to take care of it.



So there's been this sort of three-fold struggle over this. And you add this huge layer of lawyering -- government lawyering, which is even worse -- on top of this, and you have stasis and paralysis.... Even that which is collected and could be shared is inadequately shared, because of those trivial bureaucratic [logjam]....



... I think you see Jim Comey trying to [break that logjam]. My attitude, when I was representing the Defense Department, to Jim and his predecessor Bob Mueller, my attitude was 'I'm not going to try to claim this. Go for it. And I'm 100% behind you.' I could never get Homeland Security, quite honestly. Because they had the attitude that they wanted this bureaucratically. I mean all bureaucracies want things. And they wanted this. But they didn't have the capability . Comey had the authorities and some reasonable technical capabilities. We had a lot of technical capability, but I didn't feel like we were the right people to do it.



So my attitude was, "this is a national problem, let me just get in behind Jim and tell all my bureaucrats to stuff it and stop fighting with him and trying to seize it yourself" but I never got Homeland Security to that point of view.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

It's widely expected that Ashton Carter is going to be nominated as the next Defense Secretary to replace Chuck Hagel, who recently was pushed out by President Obama. So it seemed like an opportune time to see that the latest podcast from venture capital firm Andreessen Horowitz was actually a panel discussion involving Carter and Yahoo's security boss Alex Stamos . The whole podcast is actually quite interesting:However, what struck me is that Carter actually makes a comment about Ed Snowden. In the past, Carter (who was deputy Defense Secretary -- and, remember, NSA is a part of the Defense Department), has shied away from commenting on Snowden's actions, instead focusing on the internal issues that allowed Snowden to do what he did. Here, he does more of the same, but drops in an aside about Snowden's actions causing damage:It would seem that his "whatever you think of that" is immediately negated by his "huge detriment to the country." But I'm curious as to what that huge detriment really is. So far, all we've seen is that it revealedabusive practices of the NSA and its partners, widespread mass surveillance on Americans that has raised significant questions of legality and constitutionality by all three branches of government. And yet, what hasn't been shown is any harm caused by this.Not that I'd expect a bigshot in the Defense Department to celebrate Snowden's whistleblowing, but at the very least, you'd hope that some would avoid throwing around bogus smears that don't seem to be supported by reality.Later in the discussion there is a pretty interesting look at the state of cybersecurity issues. The big "information sharing" question is brought up, but more interesting is that Carter seems to admit that he'd be okay with the Justice Department handling cybersecurity issues, rather than the Defense Department. This is actually quite surprising. For years, we've highlighted that much of the fight within the government concerning cybersecurity legislation was really nothing more than a turf war between the Defense Department (NSA) and Homeland Security over who would get the purse strings for the massive cybersecurity budget. While Homeland Security has its problems, we'd greatly prefer a civilian agency have control over the situation, rather than a military one using its signals intelligence agency for cybersecurity (since the two goals there are clearly at odds). Carter surprisingly admits that it's something of a turf battle, but seems to indicate his comfort with a third player handling it instead: the Justice Department. In fact, he even basically notes that, contrary to what the NSA (and others in the Defense Department) have claimed in the past, the NSA really isn't that good at cybersecurity, since that's not what its job is about:That's pretty interesting -- because for years the view from the outside has always been that the Defense Department was the one that was actively demanding this control. The NSA, under Keith Alexander in particular, was pretty blatant about wanting the cybersecurity mandate. If Carter is really willing to give that up, that's interesting. Though, of course, the NSA and FBI have a fairly close relationship -- and I don't see how handing this mandate over to the FBI is such a good idea either. You pretty quickly run into the same issues the NSA had (though sometimes with evenoversight).Either way, given how much attention Carter is likely to get for his expected new role, it seems worth noting his views on these things that we discuss around these parts pretty frequently.

Filed Under: ashton carter, chuck hagel, edward snowden, nsa