Role of Bush NSA Plan Under Review
Friday, April 17, 2009
The Bush administration planned last year to direct the National Security Agency, which specializes in spying electronically on foreign adversaries, to take the techniques it has employed to defend military computer networks and use them to protect U.S. government civilian networks, according to current and former officials.
When the effort did not proceed as quickly as hoped, NSA employees on loan to the Department of Homeland Security sought to test sophisticated software that would send sensor technologies into the Internet to detect malicious code entering civilian government networks, the officials said.
The goal: "Stop it before it gets there," one former official said. He and other sources spoke on the condition of anonymity because the methods are classified.
The Obama administration is looking at the Bush plan as part of a 60-day review of the government's cybersecurity strategies and programs expected to be completed today. Congressional committees had concerns about civil liberties, cost and complexity, officials said. DHS still plans to conduct the sensor test, part of a program called Einstein 3, in a manner that the department says will respect privacy and civil liberties laws and rules, and has briefed Congress on the proposal, spokeswoman Amy Kudwa said.
The Bush administration's Comprehensive National Cybersecurity Initiative, much of which is classified, has renewed longstanding anxieties about whether the NSA -- which has spurred controversy over its warrantless surveillance of Americans' e-mails and phone calls -- can be trusted to keep inappropriate information out of its files.
Debate over the NSA's role in protecting the government and nation's computer networks is one of the thorniest issues facing the Obama administration's effort to build a broad cybersecurity strategy, one that is also intended to shield the increasingly global computer networks of major telecommunications, banking and utility companies.
The NSA's advocates say it is the only body with the technology and expertise to detect and thwart cyber attacks, but there are questions about its legal authority to protect civilian and private commercial systems, as well as privacy concerns, experts say. Meanwhile, the mission of the Department of Homeland Security is to defend civilian and commercial grids, but its skills, experts say, are lacking.
"The only people who can do the things we need to do today is NSA," said James A. Lewis, a senior fellow at the Center for Strategic and International Studies who directed a major study on the cybersecurity threat last year. "Then you immediately run into this legal issue. What can be surveilled domestically without a warrant?"
A top DHS cybersecurity official resigned last month to protest, among other things, a perceived power grab by the NSA. "NSA effectively controls DHS cyber efforts through detailees, technology insertion and the proposed move of [two DHS entities] to a Fort Meade NSA center," Rod Beckstrom, former director of the National Cyber Security Center, complained in a March 5 letter to Homeland Security Secretary Janet Napolitano. "NSA currently dominates most national cyber efforts."
At a speech at Stanford University last month, NSA Director Keith B. Alexander stressed that the agency seeks only to defend the government computer networks. To do so, he said, the government must marry the offensive skills spy agencies use to detect cyber threats with the defensive skills to thwart them. He said the government must create an "early warning" sensor grid and a real-time ability to detect a threat and parry it.
Meanwhile, congressional intelligence officials said yesterday that they will continue to look into revelations, reported in the New York Times, that the NSA had swept up the communications of Americans while targeting foreign groups and individuals. The House and Senate intelligence committees have had several briefings on the matter from Justice Department officials who said the overly expansive wiretapping was corrected after it was discovered during a routine review of the NSA program. Officials, however, declined to say how many Americans were affected, and what fixes were made to the program.
The lapses were primarily "technical stuff," said one former intelligence official with access to sensitive reports about the program. The official, who spoke on the condition of anonymity because the surveillance program is secret, noted that there had been no credible allegations of deliberate abuse. "There were no cases where [surveillance] was conducted in bad faith or used for improper purposes," the official said.