Rick Ledgett was the Deputy Director of the National Security Agency from January 2014 through April 2017.
Subscribe to this Lawfare contributor via RSS.
The recently reported activities by U.S. Cyber Command around the 2018 midterm elections were sorely needed, and according to press reports were effective. Some have criticized them as not having deterrent value, but that fails to recognize their tactical and operational value.
When reading about Snowden, keep in mind the dedicated NSA employees who strive to uphold the rule of law and protect their country.
Kaspersky Lab has been under intense fire recently for allegedly using, or allowing Russian government agents to use, its signature anti-virus software to retrieve supposed National Security Agency tools from the home computer of an NSA employee. This follows activities from the U.S. government including Sen. Jeanne Shaheen's proposed legislation to ban Kaspersky products from use by the government and a binding operational directive from the Department of Homeland Security that does the same.
The WannaCry and Petya malware, both of which are partially based on hacking tools allegedly developed by the National Security Agency, have revived calls for the U.S. government to release all vulnerabilities that it holds. Proponents argue that this would allow patches to be developed, which in turn would help ensure that networks are secure. On its face, this argument might seem to make sense—but it is a gross oversimplification of the problem, one that not only would not have the desired effect but that also would be dangerous.