Hacker News new | past | comments | ask | show | jobs | submit login

It’s part of the NSA’s mission to secure American businesses, communications, and infrastructure against foreign attack.



It is, but they also have a competing mission to compromise the security of non-American businesses, communications, and infrastructure. Since for the most part, the same software is used by both, these missions often contradict each other. e.g. documents from Snowden revealed that the NSA had broken encryption recommended by NIST. It's difficult to know if NSA recommends something because it makes their defensive mandate easier, or their offensive mandate easier.

For this reason, experts like Schneier [1] have long advocated that the NSA be broken up so that these two missions do not fall under the same agency.

[1] https://www.schneier.com/blog/archives/2014/02/breaking_up_t...


No it is not.

Responsibility (issue advisories) for unclassified, commercial, non-defense internet is a confusing mess split between Commerce (NIST, https://csrc.nist.gov/about), DHS (CISA, https://www.cisa.gov/cybersecurity), Energy (CESER, https://www.energy.gov/ceser/cybersecurity if it is related to energy infrastructure), etc.

Throw in other agencies like DISA (https://disa.mil/About/Our-Work) as appropriate.

NSA's defensive mission is about securing National Security Systems. These have a fairly specific definition, and are not running in the average business.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: