NSA tries to make system hacker-proof
Извор: http://www.chinapost.com.tw/international/2007/09/21/123456/NSA-tries.htmFriday, September 21, 2007
By Siobhan Gorman, The Baltimore Sun
WASHINGTON -- In a major shift, the National Security Agency is drawing up plans for a new domestic assignment: helping protect government and private communication networks from cyber attacks and infiltration by terrorists and other hackers, according to current and former intelligence officials.
From electrical grids to subways to nuclear power plants, the United States depends more than ever on Internet-based control systems whose settings can be manipulated remotely to launch a terror attack, security specialists say.
The plan is for NSA to work with the Department of Homeland Security and other federal agencies to monitor these networks to prevent unauthorized intrusions, according to people with knowledge of what is known internally as the "Cyber Initiative." Details of the project remain highly classified.
Director of National Intelligence John "Mike" McConnell, a former NSA director, is coordinating the initiative. It will be run by the Department of Homeland Security, which has the chief responsibility for protecting domestic infrastructure, including the Internet, current and former officials said.
At the outset, as many as 2,000 people -- from Homeland Security, NSA, and other agencies -- could be assigned to the new initiative, which might be based outside of the Washington area, said a senior intelligence official who spoke on anonymity because much of the project is classified.
NSA's new domestic role would require a revision of the agency's charter, the senior intelligence official said. Until now, NSA's cyber defense arsenal has been used to guard the government's classified networks -- not other, nonclassified government networks, currently the responsibility of other federal agencies.
NSA officials declined to discuss specific programs but said cyber security is a critical component of what they do.
Since the revelation of its warrantless spying program in 2005, NSA and other intelligence agencies have been enmeshed in a controversy over domestic intelligence activities. Homeland Security recently came under fire for plans to employ satellite imagery more extensively.
Some current and former intelligence officials, including several NSA veterans, warned that NSA's venture into domestic networks -- even if limited to protecting them -- could raise new privacy concerns. To protect a network, the government must constantly monitor it. "If you're going to do cyber security, you have to spy on Americans to secure Americans," said one former government official familiar with NSA's operations. "It would be a very major step."
A former senior NSA official said the difference between monitoring networks in order to defend them and monitoring them to collect intelligence from them is very small, adding, delicately, that it "may cause people sensitivity."
These former officials spoke on condition of anonymity to protect relationships with intelligence agencies.
O. Sami Saydjari, a cyber security consultant, said the privacy concerns are real. He said intelligence agencies should be part of the solution, because they have much of the expertise needed to develop a national cyber security system, but that privacy advocates should also be part of the planning process.