The deputy director of the US National Security Agency (NSA), Richard Ledgett, has warned of the increasing danger of destructive cyber attacks by states.
He told the BBC: “If you are connected to the internet, you are vulnerable to determined nation-state attackers.”
He said nations would need to identify red lines that should not be crossed.
He also said agency targets, numbered in “the high hundreds”, had discussed leaks by contractor Edward Snowden, with some changing their behaviour.
Richard Ledgett’s office on the eighth floor of NSA headquarters at Fort Meade is filled with exhibits on the history of code-making and breaking, ranging from American Civil War systems through a German Enigma machine adapted for use with Japan.
There is even an encryption device recovered from the wreckage of the Challenger Space Shuttle.
But it is modern challenges in cyberspace which are now at the heart of the NSA’s dual mission of protecting sensitive government communications and collecting intelligence on America’s adversaries.
In cyberspace, Mr Ledgett said the agency was seeing a shift to more destructive attacks – such as those that hit Sony last year or Saudi Aramco in 2012 – as well as more aggressive postures by nation states.
“The barrier to entry is going down… and as everybody in the world becomes more connected with computers and information systems, the vulnerabilities are going up,” he told the BBC.
Improving defences and identifying the most sensitive data is one important way of dealing with threats. But nations also need to do more to identify clear red lines that, if crossed, will lead to consequences, he said.
Those consequences could take the form of actions within cyberspace itself, where the NSA’s number two said that the US military’s cyber-command was prepared to conduct offensive cyber operations in other peoples networks.
Or the consequences could be diplomatic or economic – for instance in the form of sanctions and the threat of sanctions.
The US, Mr Ledgett said, would look at how to respond to attacks on corporations by other states – as occurred with an alleged attack by Sony – on a case-by-case basis.
Washington has itself been accused of employing destructive cyber attacks – and doing so before others – when it allegedly used the so-called stuxnet virus to damage Iran’s nuclear programme.
The US has publicly criticised China for espionage against US companies and signed a deal to stop such activity during the recent summit between the two country’s leaders.
Some reports suggested this had already been breached but Mr Ledgett said it was too soon to tell.
“The jury is still out,” he said. “In any big organisation when guidance is sent down then sometimes it takes a while to… get to the working level.”
The UK government signed a similar deal but has been less vocal about Chinese cyber-espionage, something which the NSA Deputy Director said he was not “over-concerned by”.
“I think the UK needs to do what is in the UK’s best interest and if they are comfortable with a level of Chinese cyber-activity directly against them, then ok, they may be handling that a different way, they may be handling that privately,” he said.
“I think that we need to do what we need to do.”
The NSA was once so secret it was known as “No Such Agency” but its former contractor Edward Snowden changed all of that. He revealed the extent of intelligence collection – including America’s own cyber-espionage and controversial programmes that retained data on Americans.
Mr Ledgett led the team responding to the Snowden revelations, and he maintains that real damage was done. The NSA has kept track of what their “targets” have said about the disclosures, and he asserts that their behaviour has changed as a direct result.
“We’ve seen in the high hundreds of targets who have said, ‘hey we are vulnerable to these sorts of detection techniques and we need to change the way that we do that,’ and a number of them have.”
He said this included “several terrorist organisations and one in particular that had a mature operational plot directed against western Europe and the US”.
Supporters of Mr Snowden argue that he performed a valuable public service in beginning a much-needed public debate about the extent of the state’s surveillance powers.
“I think that’s a good discussion to have. I think that the way the discussion came about was wrong,” argues Mr Ledgett.
“You hear claims that he was a whistle-blower and that he tried to raise things. Those are just not true. He didn’t try.”
When asked about any prospect of a deal for Snowden – who is currently living in Moscow – to return to the US, Mr Ledgett said he was not aware of one and suggested Snowden should not expect to escape prosecution.
“If he truly believes in what he said – that this was a principled stand – if he truly believes that, I think part of taking a principled stand is taking (the) consequences.”
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.