NSA to Google wrt APT - "We're here to help"
Feb 4, 2010 
The Washington Post reported that the NSA will be helping Google with the analysis of events related to the recent Chinese Espionage that affected Google and so many other US Companies.
Does this confirm the existence of APT, and that APT is a real danger? Duh, the world's scariest intelligence organization is focusing their talents on the problem - it IS a problem. Is this the best way to combat it? Well, we do need more exposure, information and collaboration so I can't really think of a better partnership of minds.
Sure the Privacy implications are huge. NSA does go to great lengths to protect privacy of US Citizens. The fact that this is public information does lend itself to more trust. They are both being fairly transparent and the goal is in our (US-centric) best interest.
Some questions I have - I wonder who is going to have oversight authority? I also wonder WHY this is public information? Is NSA going to offer the same level of collaboration to other companies affected by APT (or non APT espionage)? If so great news, if not then what is the threshold for involvement?
I also wonder if this was coordinated through our new Cyber Coordinator and if so, why wouldn't he take the opportunity to announce the partnership?
What do you think?
Reader Comments (1)
This incident has forced discussions at all levels as to what is considered and act of aggression in cyberspace. In essence, the U.S. has to consider how to apply one of its longest standing tenets of foreign policy, the Monroe Doctrine, to cyberspace. Where do we draw the line that delineates our turf, and convey it clearly to the world. This is irrelevant in the context of cyber-terrorist threats though....a completely different kind of threat. It is not a surprise that even if such events were state-sponsored that the foreign state would deny involvement and claim it as an act of cyber-terrorism. Using this terminology is in a way playing a game of semantics, because the word terrorist to the general public further removes the association of an established state with the concept of terrorism ( a start at molding public perception). The real interesting thing about seeing public acknowledgement of NSA assistance is that this may be an indication of the development of the U.S.'s measured response to a cyber attack or exploitation. We'll see where this goes.
With regards to China, they may have cyber exploitation capabilities, but we have to keep in mind that China has approximately $800B invested in our national debt. This is in addition to commercial investments. A crash of the U.S. economy would hurt China's economy as well. And with China struggling to keep its national unemployment rate below 5%... a sudden increase, regardless of how small in a country of nearly 3B people presents a financial and internal security problem as well. I'm not saying that China would not conduct cyber operations...I just do not see China executing a cyber attack that could have a negative impact on the U.S. economy because it would pose assymetric ramifications on their own state. The threat is there, I just don't see it as grave as the media makes it out to be.
As for the persistent threat....that is a given that it exists and is a relevant threat to all organizations. If you have or know something of value to you or someone else, the threat to your organization exists. What is the point of an advanced attacker in attempting a penetration against a worthy adversary and not leaving a means to continue to exploit it? The risk of detection, attribution and response has to be worthwhile...otherwise....pick another target.