National Security Agency Protecting Against Hackers
In a major shift, the National Security Agency (NSA) is drawing up plans for a new domestic assignment: helping protect government and private communications networks from cyberattacks and infiltration by terrorists and hackers, according to current and former intelligence officials.
From electricity grids to subways to nuclear power plants, the United States depends more than ever on Internet-based control systems that could be manipulated remotely in a terrorist attack, security specialists told The Baltimore Sun.
The plan calls for the NSA to work with the Department of Homeland Security (DHS) and other federal agencies to monitor such networks to prevent unauthorized intrusion, according to those with knowledge of what is known internally as the “Cyber Initiative.” Details of the project are highly classified.
Director of National Intelligence Mike McConnell, a former NSA chief, is coordinating the initiative. It will be run by the DHS, which has primary responsibility for protecting domestic infrastructure, including the Internet, current and former officials said.
At the outset, up to 2,000 people — from the Department, the NSA and other agencies — could be assigned to the initiative, said a senior intelligence official who spoke to The Baltimore Sun on condition of anonymity.
The NSA’s new domestic role would require a revision of the agency’s charter, the senior intelligence official said. Up to now, The Baltimore Sun reports that the NSA’s cyberdefense arsenal has been used to guard the government’s classified networks — not the unclassified networks that now are the responsibility of other federal agencies.
NSA officials declined to discuss specific programs but said cybersecurity is a critical component of what they do.
“We have a strong history in information assurance and national security,” says NSA spokeswoman Andrea Martino, who added that the agency will continue to play a role in cyberdefense.
Homeland security spokesman Russ Knocke told The Baltimore Sun that “as the lead agency responsible for assuring the security, resiliency and reliability of the nation’s information technology and communications infrastructure, our department is working to unify further and integrate the security framework for cyber operations throughout the federal government.”
Since the existence of its warrantless domestic eavesdropping program was revealed in 2005, the NSA and other U.S. intelligence agencies have been mired in a controversy over domestic intelligence activities. The DHS recently came under fire amid Bush administration plans to broadly expand the use of satellite imagery to assist in federal, state and local law enforcement.
Current and former intelligence officials, including several NSA veterans, warned that the agency’s venture into domestic computer and communications networks — even if limited to protecting them — could raise new privacy concerns. To protect a network, the government must constantly monitor it.
“This will create a major uproar,” says Ira Winkler, a former NSA analyst who is now a cybersecurity consultant. “If you’re going to do cybersecurity, you have to spy on Americans to secure Americans,” says a former government official familiar with NSA operations. “It would be a very major step.”