Einstein Is On Your Ass
Tweet
The Obama administration lifted the veil Tuesday on a highly-secretive set of policies to defend the U.S. from cyber attacks.
It was an open secret that the National Security Agency was bolstering a Homeland Security program to detect and respond to cyber attacks on government systems, but a summary of that program declassified Tuesday provides more details of NSA’s role in a Homeland program known as Einstein.
The current version of the program is widely seen as providing meager protection against attack, but a new version being built will be more robust–largely because it’s rooted in NSA technology. The program is designed to look for indicators of cyber attacks by digging into all Internet communications, including the contents of emails, according to the declassified summary.
Homeland Security will then strip out identifying information and pass along data on new threats to NSA. It will also use threat information from NSA to better identify emerging cyber attacks.
NSA’s role is a careful balance because of the political battles that ensued over the agency’s role in domestic surveillance in the George W. Bush administration. Declassifying details of the NSA’s role, in a program initially developed during the Bush administration and continued in the Obama administration, will likely ignite new debates over privacy.
The White House’s new cyber-security chief, Howard Schmidt, announced the move to declassify the program in a speech at the RSA conference in San Francisco–his first major public address since assuming the post in January. He said addressing potential privacy concerns was one of the ten initial steps he planned to take. “We’re really paying attention, and we get it,†he said.
SAN FRANCISCO–Homeland Security and the National Security Agency may be taking a closer look at Internet communications in the future.
The Department of Homeland Security’s top cybersecurity official told CNET on Wednesday that the department may eventually extend its Einstein technology, which is designed to detect and prevent electronic attacks, to networks operated by the private sector. The technology was created for federal networks.
Greg Schaffer, assistant secretary for cybersecurity and communications, said in an interview that the department is evaluating whether Einstein “makes sense for expansion to critical infrastructure spaces” over time.
Not much is known about how Einstein works, and the House Intelligence Committee once charged that descriptions were overly “vague” because of “excessive classification.” The White House did confirm this week that the latest version, called Einstein 3, involves attempting to thwart in-progress cyberattacks by sharing information with the National Security Agency.
Greater federal involvement in privately operated networks may spark privacy or surveillance concerns, not least because of the NSA’s central involvement in the Bush administration’s warrantless wiretapping scandal. Earlier reports have said that Einstein 3 has the ability to read the content of emails and other messages, and that AT&T has been asked to test the system. (The Obama administration says the “contents” of communications are not shared with the NSA.)
“I don’t think you have to be Big Brother in order to provide a level of protection either for federal government systems or otherwise,” Schaffer said. “As a practical matter, you’re looking at data that’s relevant to malicious activity, and that’s the data that you’re focused on. It’s not necessary to go into a space where someone will say you’re acting like Big Brother. It can be done without crossing over into a space that’s problematic from a privacy perspective.”
If Einstein 3 does perform as well as Homeland Security hopes, it could help less-prepared companies fend o
 |
|