NSA

Latest in NSA

Cybersecurity

The NDAA FY'18's Cyber Provisions: What Emerged from Conference?

Robert Chesney Tue, Nov 14, 2017, 1:10 AM

The next National Defense Authorization Act (the NDAA FY’18) is nearing the finish line. A Conference Report is now available, and so the time has come for a closer look at some of the key provisions of interest to Lawfare readers. My colleague Scott Anderson is going to post a broad overview shortly. For my part, I’d like to walk you through the “Cyberspace-Related Matters” section (sections 1631-1649C).

Read more about The NDAA FY'18's Cyber Provisions: What Emerged from Conference?

Cybersecurity

The Real Threat from Kaspersky Security Software

Herb Lin Thu, Oct 12, 2017, 7:30 AM

Read more about The Real Threat from Kaspersky Security Software

Podcasts

The Lawfare Podcast: Bobby Chesney and Michael Sulmeyer on NSA and Cyber Command

Matthew Kahn Sat, Aug 19, 2017, 1:30 PM

Friday morning, the White House announced it will elevate Cyber Command to a full unified combatant command. Within 60 days, the Secretary of Defense will recommend whether Cyber Command should also be split from the National Security Agency.

Read more about The Lawfare Podcast: Bobby Chesney and Michael Sulmeyer on NSA and Cyber Command

Cyber Command

Separating NSA and CYBERCOM? Be Careful When Reading the GAO Report

Robert Chesney Mon, Aug 7, 2017, 1:01 PM

The Government Accountability Office last week published a report that, among other things, weighs in on the pros and cons of the NSA/CYBERCOM “dual-hat” system (pursuant to which the director of the NSA/CSS and commander of CYBERCOM are the same person). The report deserves attention but also some criticism and context. Here’s a bit of all three.

1. What is the “dual-hat” issue?

Read more about Separating NSA and CYBERCOM? Be Careful When Reading the GAO Report

CYBERCOM

Should NSA and CYBERCOM Split? The Legal and Policy Hurdles as They Developed Over the Past Year

Robert Chesney Mon, Jul 24, 2017, 2:36 PM

In light of Michael Sulmeyer’s excellent recent piece on splitting NSA and CYBERCOM, which ran at War on the Rocks last week, I want to pull together some of the key legal and policy developments of the past year in a single narrative. My aim is to put them in context with each other in a way that will provide useful background for those new to this issue, while also putting a spotlight on the deconfliction-of-equities issue that the split proposal raises.

Read more about Should NSA and CYBERCOM Split? The Legal and Policy Hurdles as They Developed Over the Past Year

Intelligence Oversight

New York Times Publishes Declassified Report on Post-Snowden Reforms

Matthew Kahn Fri, Jun 16, 2017, 9:02 PM

The New York Times has published a declassified version of a 2016 report from the Defense Department Inspector General that assesses the reforms implemented to improve security of the NSA's most sensitive systems after the Snowden disclosures.

Read more about New York Times Publishes Declassified Report on Post-Snowden Reforms

Secrecy & Leaks

Recent NSA Leak Arrest: A Few Observations and a Lesson

Nicholas Weaver Wed, Jun 7, 2017, 11:25 AM

Reality Leigh Winner, a recently separated Air Force linguist and a new hire by Pluribus International Corporation as a support contractor with a Top Secret clearance, allegedly searched for and printed out a Top Secret government report, folded it up, and dropped it in the mail to an online news outlet. Yesterday, the U.S. Attorney’s office revealed her arrest in an unsealed indictment.

Read more about Recent NSA Leak Arrest: A Few Observations and a Lesson

WannaCry

WannaCry's Warning: Unpatched Operating Systems and Third-Party Harm

Robert Chesney Mon, May 15, 2017, 5:45 PM

The most important policy question raised by the WannaCry ransomware fiasco is not the most obvious one.

Read more about WannaCry's Warning: Unpatched Operating Systems and Third-Party Harm

Podcasts

The National Security Law Podcast Episode 15: Skirmishes in the Surveillance Wars

Robert Chesney, Steve Vladeck Thu, May 4, 2017, 10:48 AM

In this surveillance-heavy episode [Please use that link; we're still having trouble with the embed code], Professors Chesney and Vladeck dig into a raft of news about foreign-intelligence collection authorities. They open with an overview of how Section 702 collection authority works, and then unpack the recent news that NSA is dropping the “about” collection component of Upstream collection under 702.

Read more about The National Security Law Podcast Episode 15: Skirmishes in the Surveillance Wars

Bulk Metadata Collection

What Is the "Right" Number of Call Detail Records for 42 Targets under FISA's Business Records Authority?

Robert Chesney Wed, May 3, 2017, 5:45 PM

ODNI's transparency report contains loads of interesting information (see, e.g., Adam's post here on FBI queries of the fruits of 702 collection).

Read more about What Is the "Right" Number of Call Detail Records for 42 Targets under FISA's Business Records Authority?

Cybersecurity

The NDAA FY'18's Cyber Provisions: What Emerged from Conference?

Cybersecurity

The Real Threat from Kaspersky Security Software

Podcasts

The Lawfare Podcast: Bobby Chesney and Michael Sulmeyer on NSA and Cyber Command

Cyber Command

Separating NSA and CYBERCOM? Be Careful When Reading the GAO Report

CYBERCOM

Should NSA and CYBERCOM Split? The Legal and Policy Hurdles as They Developed Over the Past Year

Intelligence Oversight

New York Times Publishes Declassified Report on Post-Snowden Reforms

Secrecy & Leaks

Recent NSA Leak Arrest: A Few Observations and a Lesson

WannaCry

WannaCry's Warning: Unpatched Operating Systems and Third-Party Harm

Podcasts

The National Security Law Podcast Episode 15: Skirmishes in the Surveillance Wars

Bulk Metadata Collection

What Is the "Right" Number of Call Detail Records for 42 Targets under FISA's Business Records Authority?

Subscribe to Lawfare

Support Lawfare

Explore