The head of the NSA has acknowledged that if the government acquired encryption keys, it “creates more opportunities for malicious actors or foreign hackers to get access to the key.” He made the admission during a Senate Intelligence Committee hearing.
The statement was made during nearly two hours of testimony, as the head of the National Security Agency, Admiral Michael Rogers, volleyed questions from lawmakers about encryption key risks, cybersecurity threats from China, and former Secretary of State Hillary Clinton’s email.
In one exchange, US Senator Ron Wyden (D-Oregon) asked Rogers, “As a general matter, is it correct that anytime there are copies of an encryption key — and they exist in multiple places — that also creates more opportunities for malicious actors or foreign hackers to get access to the keys?”
Rogers replied: “[It] depends on the circumstances, but if you want to paint it very broadly like that for a yes and no, then I would probably say yes.”
A memo leaked to the Washington Post showed that this summer a government working committee was trying to find ways to access encrypted cell phones for law enforcement investigations.
When asked about cyber threats from China, Rogers said that Chinese officials were behind the theft of US commercial data, and regularly access private digital communications and data flowing through China.
“We have been very up front,” Rogers told the Senate panel. “We cannot sustain a long term relationship” if China continues unrestrained cybertheft of US intellectual property.
Rogers said Chinese officials “believe that access to communications and data is a sovereign right.”
Later on Thursday, President Barack Obama prepared to host a working dinner for Chinese President Xi Jinping, who has arrived in Washington, DC for a state visit. Cybersecurity issues are expected to loom large in the elaborate affair.
During the hearing, Rogers was also asked to weigh in on the private computer server that Hillary Clinton used for both personal and government emails when she served as secretary of state.
“You really want to drag me into this, sir?” Rogers responded testily when Senator Tom Cotton (R-Arkansas) asked whether the server might have posed security risks. Rogers was not leading the NSA when Clinton was serving the US’ top diplomat.
Cotton asked: “Are the communications of the senior most advisors, even those that may be unclassified, a top priority for foreign intelligence services, in your opinion?”
Rogers admitted that if a foreign government official used a private email server, it would be considered a potential vulnerability – one that could be easily exploited.
“From a foreign intelligence perspective, that represents opportunity,” he said.