NSA to Spy on Critical Infrastructure, Says WSJ


The NSA has a new program called "Perfect Citizen" that lets it monitor the networks of utilities and other "critical" infrastructure to identify potential electronic attacks, The Wall Street Journal reported Wednesday.

Under the $100 million program, the nation's top spying group will embed surveillance probes in privately owned networks (http://online.wsj.com/article/SB10001424052748704545004575352983850463108.html) to look for suspicious behavior, the Journal's Siobhan Gorman reports. The NSA, which has the dual responsibility for eavesdropping on other countries and defending .mil networks, has no authority to order companies to install its spying software, but cooperation can be achieved through a bit of arm-bending, according to the paper.

The NSA, part of the Defense Department, is getting around a broad prohibition against the military operating on U.S. soil by pairing with Homeland Security on the program. The move to expand the NSA and government computer-security defenses beyond the government's own networks is unprecedented, but not unexpected. Nor is the creepy, Orwellian name "Perfect Citizen" unusual, following the trail blazed by the ostensibly defunct Total Information Awareness project.

Government insiders have recently been whipping up bureaucratic and public support for increased government funding for computer security. Former Director of National Intelligence Michael McConnell convinced President Bush to sign a still-largely-secret computer-security plan in January 2008, after telling him that hackers going after the nation's banks could cause economic damage worse than the Sept. 11 attacks.

Now back at a government-contracting business, McConnell was given space in The Washington Post to declare the nation was actually in the midst of a cyberwar that it was losing, without actually noting who the country was at war with or where the casualties were being treated.

The secretive NSA has long had carte blanche to spy on the world's communications outside U.S. borders, but violated that limitation during the George W. Bush administration, when it was allowed to spy on Americans' online communications with help from pliant telecoms such as AT&T. That spying was largely legalized in July 2008, when Congress rewrote the nation's surveillance law and gave retroactive immunity to the companies that helped. But a federal district court judge recently ruled the government illegally spied on two American lawyers and will likely have to pay them $600,000 and millions in legal fees.

McConnell's quest to get the NSA a beachhead in the public internet (beyond its secret spyrooms in AT&T's facilities) has gotten help from media outlets that are in thrall to the idea of cyberwar and cool doomsday scenarios – check the Economist's recent cover and the glowing reviews of Richard Clarke's embarrassingly inaccurate new book Cyberwar.

Reporter Gorman herself has likely helped, with a front-page story in April 2009 that reported that Russian and Chinese spies had gotten into the U.S. grid and left malware behind. Not a single official was quoted on the record attesting to the intrusions, and no evidence to back the claims has surfaced since. Gorman is known for her contacts within the NSA.

U.S. officials and 60 Minutes have likewise attributed a blackout in Brazil to hackers, though Wired.com's reporting from Brazil showed that soot, not a cyberattack, was to blame.

A cybersecurity bill set for a floor vote in the Senate would require owners of critical infrastructure to adhere to security standards and would give the president the authority to seize control of their networks in an emergency. The best security practice, of course, is to not connect secure infrastructure to the public net, a practice known as "air gapping" that has long kept outsiders from infiltrating classified government networks to steal data.
