Streetwise Professor

June 5, 2015

Is the NSA Spying on Foreign Government Hackers? I Sure As Hell Hope So

Filed under: Military,Politics,Russia,Snowden — The Professor @ 7:08 pm

The latest expose from Putin’s little monkey, Edward Snowden, desperate to maintain his relevance, is that the NSA monitors addresses and cybersignatures linked to foreign hackers, and specifically, foreign government-connected hackers:

In mid-2012, Justice Department lawyers wrote two secret memos permitting the spy agency to begin hunting on Internet cables, without a warrant and on American soil, for data linked to computer intrusions originating abroad — including traffic that flows to suspicious Internet addresses or contains malware, the documents show.

The Justice Department allowed the agency to monitor only addresses and “cybersignatures” — patterns associated with computer intrusions — that it could tie to foreign governments. But the documents also note that the NSA sought permission to target hackers even when it could not establish any links to foreign powers.

To which I say: I sure as hell hope so.

It is more than a little ironic that this article appeared almost simultaneously with the revelation that some foreign organization or government hacked into US government computers, and stole the personal information of millions of government employees. It’s hard to imagine a more telling, vivid contrast between the highly abstract and limited treat to American’s personal privacy posed by the measures described in the NYT article, and the very real threat to that privacy posed by the target of those measures.

This all points out the utter asininity of the Snowden fanatics (who, alas, include some members of Congress and at least one presidential candidate), who appear completely unwilling or unable to think of trade-offs and real world choices, but instead focus monomaniacally on the threat to their personal privacy posed by the US government, while ignoring other more serious threats that (unlike the NSA) operate subject to no legal constraint or oversight whatsoever. Yes, the USG can be abusive, at times to the point of being tyrannical. But we need to speak of specific cases.

Tell me. Whom do you believe is a bigger threat to your privacy? The NSA or hackers, foreign hackers in particular?

There is a pronounced whiff of narcissism from those who think that the NSA really gives a damn about them and their precious online secrets. Sorry to break it to you, but it doesn’t, unless perhaps you have had a bad breakup with an NSA employee. It hoovers up vast amounts of information, but is focused on filtering out the noise to get at intelligence-relevant signals. And believe it or not, the hours you spend on Tinder are nothing but noise.

Hackers, on the other hand, find your information quite fascinating, precisely because they can monetize that information. They can turn ethereal bytes into solid gold.

So there is a real trade off, and when you conceive of it as a trade off the choice becomes pretty obvious. At the cost of allowing the NSA to touch a highly limited sliver of your personal data, you can increase the odds of detecting or deterring a truly malign hack. Or, you can protect your address and cybersignature from the prying eyes of the NSA, and dramatically increase the odds of having your most valuable personal information fall victim to hackers. That’s the trade-off. That’s your choice. Deal with that reality. Those who choose to let the hackers run riot rather than have a few limited pieces of information reside on an NSA-controlled server deserve to have Died of a Theory as their financial epitaph.

(Regarding the hack of the US Office of Personnel Management, the administration pointed the finger at China with unseemly haste. Perhaps. But this seems more like a Russian MO than a Chinese. The Russians are interested in information they can monetize, the Chinese less so. Perhaps China is the culprit, but I wouldn’t rush to judgment.)

The NYT/PP article makes it clear that the DOJ only asked the FISA court for authority to collect the data from intruders connected to foreign governments. The NSA wanted a broader mandate,  including the ability to collect from foreign intruders not reliably tied to a government, but DOJ didn’t ask for it.

That’s too bad. Non-Government hackers, mainly operating from Russia, other FSU countries, and China, are arguably a bigger threat to personal privacy than governments. The non-government hackers have mercenary motives, and your data is particularly attractive to them. Most of the major hacks of valuable personal information have been executed by foreign criminal organizations with no demonstrable connections to foreign governments (though in the case of Russia, they likely operate under Russian government protection) So again looking at the trade-off, I’d prefer that the NSA have the broader authority. That would give me more privacy, and more information security.

With regards to Snowden, isn’t it interesting that Snowden’s organ grinder-Putin-would be one of the main beneficiaries of a restriction on the NSA’s authority to track foreign government hackers? Surely just a coincidence, right, because little monkeys never dance to their master’s tunes, do they?

Print Friendly

3 Comments »

  1. Re. the attribution of the Cyber attack on OPM, apparently it was discovered back in April as a result of countermeasures put in place in response to an attack in March 2014. If the Government has been dealing with this specific threat for over a year, they may be able to attribute it with a high degree of confidence.

    Also it bears remembering that the threats these programs help prevent go beyond mere threats to privacy, but also cyber attacks on infrastructure, and of course, actual physical acts of violence and terrorism.

    Sidenote: It is interesting that this breach was discovered in April and was only publicly announced Thursday, right after the voting on the USA Freedom Act.

    Comment by JDonn — June 5, 2015 @ 11:00 pm

  2. In related news, Snowden got a prize in Norway: http://news.yahoo.com/snowden-awarded-freedom-expression-prize-norway-140646575.html His handler Kucherena already “advised” him not to go to collect the prize, of course. Snowden should definitely watch this movie, now that he has lots of free time: http://www.imdb.com/title/tt1023114 . Seems like his best-odds way of ever leaving Russia alive.

    Comment by Ivan — June 6, 2015 @ 1:45 am

  3. I am confident that the US government is a bigger threat to my privacy than Chinese hackers. The reason is that I know that the US government is vastly more competent and efficient (as far as it goes). Just look at how Dennis Hastert is looking at jail time for withdrawing cash from his own bank account. And if this is how they steamroll a former House speaker, I can only imagine what happens to a regular Joe.

    Comment by aaa — June 6, 2015 @ 6:11 pm

RSS feed for comments on this post. TrackBack URI

Leave a comment

Powered by WordPress