NSA allies with Internet carriers to thwart cyber attacks against defense firms

By Ellen Nakashima,June 16, 2011
(Page 2 of 2)

Although this NSA technology is more sophisticated than traditional anti-virus programs, it still can screen only for known threats. Developing detection and mitigation strategies for emerging new threats is more difficult.

The program also does not protect against insider threats or employees who deliberately leak material. Nor will it protect a network from penetration by hackers who have compromised security software, enabling them to log in as if they were legitimate users. That is what happened recently when security firm RSA’s SecurID tokens were compromised, enabling hackers to penetrate Lockheed Martin’s computers. Lockheed said no customer, program or employee personal data were compromised.

The pilot program has been at least a year in the making. Providers and companies were concerned that they would be vulnerable to lawsuits or other sanctions if they allowed the government to filter the traffic or shared network data with the government. The NSA, meanwhile, was concerned about the classified data getting into the hands of adversaries.

The Internet carriers that are part of the pilot are not being paid to prepare their systems for it, an effort that industry officials said costs millions of dollars. The providers will work with the companies they currently serve. In some cases, they already provide a similar service of filtering for malicious traffic using their own threat data.

Lynn’s speech also appeared to outline key elements of the Pentagon’s cybersecurity strategy, an unclassified version of which is due out soon. The strategy, said experts and analysts who have been briefed on it, focuses on building defenses and a framework for deterrence. It also makes clear the military’s prerogative to use cyberwarfare and other traditional military means if the United States is attacked or becomes engaged in hostilities with an adversary.

“First we must raise the level of protection in government and military networks,” Lynn said Thursday. “We must ready our defense institution to confront cyberthreats, because it is clear any future conflict will have a cyber dimension.”

Loading...

Comments

© 2013 The Washington Post
Terms of Service
Privacy Policy
Submissings and Discussion Policy
Ad Choices
Index by Date
Index by Keyword