When a crime is committed, who should go to jail?

Credit: David Orban via Flickr

Diverge at your own risk

The only good reason to separate cybersecurity and physical security is if you don’t want to keep what you’re trying to protect. They go together. Cyber is sexy; physical is not. You’ve got to embrace them both to defend against the modern criminal, espionage, and hacker environment.

We have met the enemy and he is us?

The NSA has been having a series of bad days, bad days that typically started as physical theft and evolved into cyber-shenanigans. Cyber? No. Bad employees.

The current U.S. Government clearance and/or clearance review process has set the NSA, and probably most other agencies, up for failure. The quality of recently cleared U.S. Government employees is questionable, as their numbers include rapists and murderers. Then there are the hundreds, or perhaps thousands, of trustworthy people who previously held government clearances as military or civilians, and can’t get through the bizarre and ineffective investigation and adjudication now being conducted to reinstate those clearances. The entirety of civil service, much of the military, and the NSA, have been the recipients of broken people thanks to a broken clearance process.

But is it right to blame a process?

Smoke and mirrors

In the case of Kaspersky, the U.S. Government says that an NSA employee illegally stole highly classified information from its workplace and installed it on a home computer. That computer was secured from cyber threats by Kaspersky Lab products, products that aggressively monitor software and files to detect intrusion and infestation. Those products have now been called out as enabling hackers (attributed to the Russian government) to sift through systems containing Kaspersky software and search for information of defense or economic value. Stop me if you’ve heard this too many times lately: “Bad Kaspersky.
Bad Russians.” I have no financial or other ties or obligations to Kaspersky, but I do gladly recognize their stellar work in defending ICS around the globe.

Something’s wrong here. There’s a criminal involved without whose actions none of this would have come to pass. Somebody stole the secrets from the NSA, but what discussion are you seeing in the media regarding the perpetrator? Let’s blame and punish the criminal first, and later worry about its environmental influences and upbringing.

The sound of silence

The loathsome traitor Snowden. The addled, but functional and cognizant, traitor Martin. The Islamic Jihad-loving traitor Winner (read the great document denying her bail). Three so-called U.S. citizens who held Top Secret clearances. We know their names because we know their crimes. In the case of Winner, it was seemingly only minutes from the publication of her collection of stolen secrets until her arrest. So, what’s going on with this Kaspersky-linked crime?

Punish the criminal! Completely missing from the story line is the emphasis on the criminal, supposedly a contractor for the NSA who illegally removed the classified material and placed it on its own equipment at home, a fact mentioned in passing in almost every media story.

Jail. Done deal. Anybody who ever held a clearance of any type knows this is wrong, the damage it can cause, and the penalties associated with this action. Somebody didn’t care and took the chance. Why?

Doubt and certainty

Somebody who worked at the NSA stole the secrets. Kaspersky didn’t, and Kaspersky as thief isn’t accused in the U.S. Government’s assertion. That doesn’t mean that 99% of the discussion and blame doesn’t hit Kaspersky, however. The U.S. Government repeatedly fails the test of being able, or willing, to fix the actual problems, those being leaks and broken people.
There further arises, in this case, a reasonable concern that the entire episode might be political payback for the reported Russian interference with the U.S. elections. In the last four years we’ve had the despicable traitors Snowden, Winner, and Martin, plus an unknown inside leaker still being sought for providing NSA tools to the self-named Shadow Brokers. The problem time and again lies with the wrong people holding clearances and an adjudication and investigation system that’s broken. No less than the former Director of National Intelligence, James Clapper, is a critic.

Even if at some point it is proven beyond a shadow of a doubt that Kaspersky products enabled the remote identification of NSA files, it doesn’t prove Kaspersky did anything wrong. Can we eventually fill in the blanks and blame Kaspersky? Maybe. On the other hand, there is a direct link between the thief and the theft. Punish the thief.