RSA 2016 Admiral Michael Rogers, head of the NSA and the US Cyber Command, has told delegates during his keynote address at RSA 2016 the three things that keep him awake at night.
His first fear is an online attack against US critical infrastructure, which he said was a matter of when it will happen, not if. Citing the recent Ukrainian power grid hack as an example, Rogers said that the target was an obvious one and security systems in the US national critical infrastructure were not strong enough.
Number two on his insomnia list was data tampering. We're used to data being stolen, he said, or even deleted as in the case of Sony. But if data has been subtly altered rather than stolen, then the results could be severe.
"What happens when attacks are used to manipulate data or some of its products?" he asked the conference. "You can no longer trust the data we are seeing and we are used to just seeing and accepting it."
His third nightmare was down to the actions of non-state terrorist groups changing their use of online resources. At the moment, such groups are using the internet to recruit members, raise funds, and distribute propaganda. But if they go on the offensive against a country, the results are going to be grim.
"What happens when they use cyber for destruction?" he asked. "These groups are not interested in maintaining the status quo, but in tearing it down."
The NSA can't handle all of this itself, he said, and pleaded with the assembled security experts to bring their skills to the government in partnerships. He recognized that the current debate of encryption was harmful and the two sides aren't cooperating with each other.
Rogers, who is on the record as supporting strong crypto, said that he was worried that the encryption arguments have seen both sides of the debate talking at each other, or even not talking at all. But, he suggested, unless we hang together, we shall all hang separately. ®