Last month, the National Security Agency (NSA) began working with Internet service providers (ISPs) to create tools that scan e-mail and other digital traffic to guard against cyberattacks. The program identifies malicious programs targeting the nation’s largest defense firms, like Lockheed Martin (NYSE:LMT), which was attacked last month, in an effort to keep U.S. military secrets from falling into the hands of rival nations or terrorist groups.
However, the program is already creating concerns about privacy issues from people worried the government will extend it beyond the work of defense contractors to survey all private Internet traffic. According to officials, the program does not currently involve direct monitoring of networks, but instead uses NSA-developed identifiers to filter Internet traffic flowing to defense contractors, allowing ISPs to disable recognized threats before they can even access a contractor’s servers.
Internet service providers currently working with the NSA to filter the traffic of 15 defense contractors are AT&T (NYSE:T), Verizon (NYSE:VZ), and CenturyLink (NYSE:CTL). ISPs are not being paid to administer the program. Contractors like Lockheed Martin, CSC, SAIC, and Northrop Grumman are not required to report the success rate to the NSA’s Threat Operations Center.
Because the current program only filters traffic flowing to contractors who have opted into the program, and the government doesn’t actually monitor, intercept, or store any communications filtered by the program, the NSA says it currently doesn’t violate any privacy laws. Furthermore, it is the NSA that developed the program, but it is the companies and ISPs that actually use the program, so any violation of privacy would be on behalf of private companies and not the government. Civil liberties advocates are more worried about private firms having the right, though not the obligation, to share any data collected through the program with the federal government.
The program, while it takes important steps toward increasing security, can only recognize known threats coming from external sources. New threats and viruses, as well as threats coming from within the company, employees seeking to deliberately leak material, etc. cannot be protected against. It also can’t protect against hackers who compromise security software, allowing them to log into the network as if they were authorized users, which was the case with the hacking of Lockheed Martin last month.
While working with contractors, the government has also been working on their own cybersecurity strategy, increasingly more vital to national security after the recent attacks on the CIA’s website. Not only will their strategy focus on defense and deterrence, but it will also give the military the means of waging cyberwarfare, attacking enemy intelligence should the U.S. become engaged in hostilities with another country or militant group.