The National Security Agency is teaming up with leading artificial intelligence companies in a drive to expose foreign adversaries’ use of cutting-edge technology emerging in the private sector.
The NSA’s Kristina Walter said the agency’s Cybersecurity Collaboration Center is rapidly building close working relationships with private cybersecurity firms to defend against hostile foreign hacks focused on AI attacks.
Since its launch about four years ago, the center has enlisted more than 1,000 cybersecurity companies to help thwart hackers. Ms. Walter, who took over the center in June, told The Washington Times on Wednesday that her team is forming a smaller number of select partnerships with key AI companies.
“We’re really focused on quality over quantity there,” Ms. Walter said in an interview at the Billington CyberSecurity Summit in Washington. “[We’ll] work with those big frontier companies who are supporting the AI industry, and [make] sure that what we know about nation-state actors targeting AI or trying to use it in malicious ways, we can share that so that they can disrupt the activity at scale.”
The effort is part of the NSA’s growing AI Security Center, established last year. Ms. Walter said the team intends to jointly publish advisories with the AI companies similar to NSA’s cybersecurity guidance issued alongside U.S. agencies and foreign allies.
She would not specify the AI companies that the NSA is wooing but said the selection depends on who will have the biggest impact on national security.
Identifying the handful of companies on the agency’s radar is not hard. Retired Army Gen. Paul M. Nakasone left his post at the NSA this year and subsequently joined the board of OpenAI, maker of the popular chatbot ChatGPT. Ms. Walter said her team has not interacted with Mr. Nakasone “in his capacity on the board.”
Other potential participants are headed this month to the United Nations General Assembly in New York, where Secretary of State Antony Blinken is set to host meetings with leading AI companies. Ambassador Nathaniel C. Fick, the nation’s top cyber diplomat, told The Times that the meetings would include Anthropic, Google, Microsoft and OpenAI.
If the NSA’s AI efforts succeed, the federal government’s partnership with AI firms likely will mirror its work with cybersecurity companies to root out foreign hackers.
Jami Wise, deputy chief of the NSA’s China Strategy Center, said the Cybersecurity Collaboration Center played a key role in halting foreign hackers’ burrowing into critical infrastructure.
Ms. Wise told attendees at the Billington summit on Wednesday that the NSA knew cyberattackers were targeting a specific capability offered by a company that works with the collaboration center.
The agency used its public-private partnership to get its hands physically on the problem.
“We were also then able to actually procure one of the devices and provide, bring it into the agency for our technical experts to look at,” Ms. Wise said. “But simultaneously, we were actually able to work with four industry partners to … try to mitigate the threat and the vulnerability.”
Ms. Walter told The Times it was fair to compare the NSA’s new intimate collaborations with the private sector to the NSA’s increased cooperation with the CIA after the Sept. 11, 2001, terrorist attacks.
Despite such close teamwork to expose and prevent foreign cyberattackers, Ms. Walter was adamant that the Cybersecurity Collaboration Center’s work with private companies does not have a role in America’s offensive cyber operations.
She dismissed questions about whether the partnerships will put a target on the backs of American companies. Ms. Walter said the private-sector partners are not facing additional cyberattacks from hostile nations because of their work with the NSA.
“Those companies are being targeted whether they’re working with us or not, frankly, because they’re critical to U.S. business, they’re critical to national security, they’re critical to the warfighter,” she said. “Us partnering with them is really so that we can better understand the malicious activity and help them defend it. And they can do with what they want with the information.”
• Ryan Lovelace can be reached at rlovelace@washingtontimes.com.
Please read our comment policy before commenting.