Page 2 of 2   <      

Google to enlist NSA to help it ward off cyberattacks

These agencies include the FBI and the Department of Homeland Security.

Over the past decade, other Silicon Valley companies have quietly turned to the NSA for guidance in protecting their networks.

"As a general matter," NSA spokeswoman Judi Emmel said, "as part of its information-assurance mission, NSA works with a broad range of commercial partners and research associates to ensure the availability of secure tailored solutions for Department of Defense and national security systems customers."

Despite such precedent, Matthew Aid, an expert on the NSA, said Google's global reach makes it unique.

"When you rise to the level of Google . . . you're looking at a company that has taken great pride in its independence," said Aid, author of "The Secret Sentry," a history of the NSA. "I'm a little uncomfortable with Google cooperating this closely with the nation's largest intelligence agency, even if it's strictly for defensive purposes."

The pact would be aimed at allowing the NSA help Google understand whether it is putting in place the right defenses by evaluating vulnerabilities in hardware and software and to calibrate how sophisticated the adversary is. The agency's expertise is based in part on its analysis of cyber-"signatures" that have been documented in previous attacks and can be used to block future intrusions.

The NSA would also be able to help the firm understand what methods are being used to penetrate its system, the sources said. Google, for its part, may share information on the types of malicious code seen in the attacks -- without disclosing proprietary data about what was taken, which would concern shareholders, sources said.

Greg Nojeim, senior counsel for the Center for Democracy & Technology, a privacy advocacy group, said companies have statutory authority to share information with the government to protect their rights and property.

<       2

© 2010 The Washington Post Company