US cyber security system sparks privacy row

Friday, 3 September 2010

Central Government, Policy, Security

By Robin Hicks | 8 September 2009

A new version of a computer intrusion detection system being developed by the United States Department of Homeland Security has raised concerns from advocacy groups over privacy and the involvement of the National Security Agency (NSA) in the development of the software. The new system, known as Einstein 3, can reportedly read email as well as its original function, to detect malicious software.

Photos

View photos

Related Categories

From this Section

NEWS

Civil rights group Center for Democracy and Technology (CDT) called on the Obama administration to release information about the legal implications of Einstein 3, which will be rolled out across all government agencies.

“While its predecessor merely detected and reported malicious code, Einstein 3 is to have the capability of intercepting threatening internet traffic before it reaches a government system,” said a CDT spokesperson.

CDT also called to question the role of the private sector in the development of Einstein 2 and 3, and the safeguards that will be put in place to prevent the misuse of private information collected.

However, Don Adams, Chief Security Officer and Chief Technology Officer, Worldwide, Public Sector, TIBCO, said that the project is unlikely to be derailed because of privacy concerns.

He told FutureGov: “Einstein 3 is absolutely necessary to the defence of the US Government. It will move the Forward Edge of the Battle Area (FEBA) for cyber warfare to the major private sector internet carriers where traffic is shaped and delivered to government sites.”

“The two biggest differences between Einstein 2, which still exists today, and Einstein 3 are: the inclusion of US Civilian Government Agencies to those protected from cyber attacks, and moving the FEBA outside of the government systems and networks under daily attack.”

Adams pointed to statistics showing that, in the month of July 2009, there were more than one million cyber attacks per second being targeted against select servers. And while efforts have been made to reduce the number of public facing access points to government sites there are still over 2700 of them in use.

He noted: “Intercepting mass scale attacks before they reach government sites is far more efficient and effective than the current approach. Today, approaches are fairly passive and designed to be as non-intrusive as possible. With Einstein 3, the approach will actively shut down attacks it detects, as a result of the Tutelage software provided by the NSA.”

“Einstein 3 is a great step forward toward an eventual solution to an unprecedented level of attacks against a broad spectrum of US Federal agencies from the FAA to DHS and all elements of DOD and even the Department of Commerce.”

For Asian government agencies thinking of installing new intruder detection systems, Adams suggest introducing technology that is commensurate with their exposures and the levels of threat they find themselves experiencing.

“Beyond that, they need to understand potential threat scenarios from classic hackers, commercially incented attacks on their economies and nation-state attacks related to their beliefs and autonomy,” he said.