After cyber attack involving software malware, U.S. tries to fill a blind spot with improved cyber defenses

April 20, 2021
Major cyber attack fuels a debate on how the U.S. government and private technology companies can protect both computer networks and civil liberties.

WASHINGTON – The U.S. National Security Agency (NSA) is among the world's most formidable cyber powers, with an army of computer warriors who scan the wired world constantly. National Public Radio reports. Continue reading original article

The Military & Aerospace Electronics take:

20 April 2021 -- Yet by law, the NSA only collects cyber attack intelligence abroad, and not inside the U.S., and U.S. rivals like Russia are aware of this blind spot and know how to exploit it.

In a major breach last year, hackers widely believed to be from Russia's foreign intelligence service, the SVR, placed malware on a software update produced by the Texas company Solar Winds. No one had reason to be suspicious, or the legal authority to monitor, as that software update went out electronically from SolarWinds to 18,000 organizations, including nine U.S. government agencies.

In the digital age, U.S. software privacy protections have an unintended consequence: they help hide foreign intelligence agencies that can disguise their tracks and make it appear as if they are operating from inside the U.S.

Related: Understanding cyber attacks in embedded computing enables integrators and suppliers to consider options

Related: Military cyber security: threats and solutions

Related: The essentials of trusted computing and cyber security

John Keller, chief editor
Military & Aerospace Electronics

Voice your opinion!

To join the conversation, and become an exclusive member of Military Aerospace, create an account today!