US Plans Cyber Shield For Private Companies and Utilities

wiggles writes "The federal government is launching an expansive program dubbed 'Perfect Citizen' to detect cyber assaults on private companies and government agencies running such critical infrastructure as the electricity grid and nuclear-power plants, according to people familiar with the program. The surveillance by the National Security Agency, the government's chief eavesdropping agency, would rely on a set of sensors deployed in computer networks for critical infrastructure that would be triggered by unusual activity suggesting an impending cyber attack, though it wouldn't persistently monitor the whole system, these people said. How do we feel about NSA spyware in all of our infrastructure?"

Surveillance

[SquarePixel]

Yes, because more surveillance is what is needed. Every year it goes further and further. The good thing is that at least they know to take it slowly - increase the surveillance just a little bit at a time and people wont really complain or notice. In a few years you will be there, just like with UK.

I would think that internet infrastructure belongs to the "critical" category too. Just tell your political opinions in a private conversation to someone, say you don't like the mayor and expect a lawsuit. How long until "harmful content" like P2P and porn starts to get blocked? Looks like USA is not that far from China after all.

And a name like a "Perfect Citizen"...

Re:Surveillance

[Pojut]

Seriously? Calm down. They aren't monitoring the communication of private citizens, they are monitoring incoming connections on critical infrastructure systems.

Besides, monitoring the communication of private citizens happened a while ago under a happy little thing called the Patriot Act. ::flamesuit::

Re:Surveillance

[causality]

Seriously? Calm down. They aren't monitoring the communication of private citizens, they are monitoring incoming connections on critical infrastructure systems.

Besides, monitoring the communication of private citizens happened a while ago under a happy little thing called the Patriot Act. ::flamesuit::

The mention of the Patriot Act was apropos. That's because when I first saw the name of this, "Perfect Citizen", I wondered whether that sounded Orwellian to anyone else.

Re:Surveillance

[rotide]

I'm no tinfoilhatter (see my post history) and I can easily state that the government does and has been monitoring communications of citizens since before the PATRIOT Act.

Google any of the following:
Project Echelon
FBI Carnivore
FBI NarusInsight

This isn't fear mongering against the government. Those are actual programs/projects the government uses to watch those they want to watch. Actively, passively, whatever it is it doesn't change the fact that the government has the means and the will to watch those it finds worth watching.

Now, to think that the new system will watch international connections only is short sighted. All you have to do is argue that an "enemy" could bounce through an internal (to the US) proxy and the government would have wholesale reason to peek at _every_ connection, foreign or domestic.

Re:Surveillance

[commodore64_love]

>>>hey aren't monitoring the communication of private citizens, they are monitoring incoming connections on critical infrastructure systems.

Like the smart meters being installed in Californian homes. All they need to do now is upgrade the firmware to include a little NSA spyware (literally) so they can how much energy you are using & what it was for. ("Running grow lamps in the basement - mmm interesting. Notify the Drug Agency.")

Patriot Act sucks

The Patriot Renewal Act which Obama signed sucks even more. At least George Duh Bush could claim he didn't know what was in the bill whe he signed it in 2001, but Obama observed the direct consequences of the law (police entering homes w/ self-written warrants; spying on communications; arrests without right of trial). He should have vetoed that bill.

Re:Surveillance

[Pojut]

Regardless, as I've said many times on this site...in the year 2010, honestly thinking that most if not all digital communication that you engage in isn't tracked, monitored, or recorded at SOME POINT, either by a company or by the government, is just foolish. I operate under the assumption that I have zero privacy with my cell phone and online, and act accordingly.

Re:Surveillance

[Tmack]

Seriously? Calm down. They aren't monitoring the communication of private citizens, they are monitoring incoming connections on critical infrastructure systems.

Besides, monitoring the communication of private citizens happened a while ago under a happy little thing called the Patriot Act. ::flamesuit::

FTFA:

A U.S. military official called the program long overdue and said any intrusion into privacy is no greater than what the public already endures from traffic cameras. It's a logical extension of the work federal agencies have done in the past to protect physical attacks on critical infrastructure that could sabotage the government or key parts of the country, the official said.

They basically come out and directly say they are taking advantage of a slippery slope and happily sliding down it. So monitoring people driving is the same as watching what they are doing online.... yeh, thats not a slippery-slope argument at all </sarcasm> Next is, well, we already monitor the critical infrastructure, why not just all corporations, why not just all ISPs and all home users, then we could really catch all those sleepercell terrrrists at home!! yeh1!! its just like red-light cameras.

Tm

Re:Surveillance

[slick7]

when I first saw the name of this, "Perfect Citizen", I wondered whether that sounded Orwellian to anyone else.

To paraphrase a quote, "The only Perfect Citizen is a totally subjugated and suppressed citizen".
To really secure the infrastructure, a system of up-links and down-links to the TDRS satellites would be more secure. If land-based connectivity is required, then dedicated fiber-optics is a good bet. Just by-pass the internet altogether.

Re:Surveillance

[Philip+K+Dickhead]

The summary for the submitted article misses almost EVERY important aspect to this story, as it was initially reported! It almost looks like an attempt to deliberately minimize concern over the dubious legality and suspect agenda for "Perfect Citizen".

In fact, Samzenpus and "Wiggles" seem content not to mention the program's Orwellian name, nor the specific use of the term "Big Brother" by Ratheon contractors associated with the NSA on this effort.

Here is the summary I supplied, when submitting this story as a front-pager for Slashdot. I believe that it is more cogent and INFORMATIVE than the blandness offered us.

The WSJ is reporting on an $100M NSA program "to detect cyber assaults on private companies and government agencies running such critical infrastructure as the electricity grid and nuclear-power plants." All of which sound nice enough, if one does not become critically focused on the name they chose for this effort: 'Perfect Citizen'. Releasing this to the WSJ has the appearance of PR cover for the expansion of both warrantless surveillance and the intrusion of the NSA into a theatre of domestic operations.
Ratheon, the NSA contractor charged with realizing the NSA vision for the 'Perfect Citizen' program openly called this the "Big Brother" system, in internal communications.

For once, I really wouldn't mind a "dupe" story, either my summary or that of another poster with some insight to the implications of "Perfect Citizen".

Re:Surveillance

[badboy_tw2002]

Yeah, its too bad they don't include more unsubstantiated facts and editorial opinions with strong biases in the summaries. I was just thinking how much I was missing that!

And the Maginot Line will protect France

[Palestrina]

That's the problem with big expensive publicly-announced efforts to protect against known attacks. The bad guys tend to not be idiots, and don't do what you expect. Come on, we can't even protect ourselves from our own stupidity, like when a trader accidentally enters an order for a billion rather than a million. If our systems are so fragile, then it doesn't take much. Oh, and what makes anyone thing that we don't have insiders willing to initiate cyber attacks? A big fire wall on the ourside doesn't help much there.

Slashdot

[warGod3]

I wonder if the "Slashdot Effect" would be considered a "cyber assault"?

Re:Asinine

[jeffmeden]

The first thing I thought of when I read the flame-inducing "How do we feel about NSA spyware in all of our infrastructure?" was "oh well, at least there will be good-guy spyware in there with the bad-guy spyware..."

Do you really think that these private firms are honky dory with their current systems? As discussed to death at Black Hat 20[insert any year here], most private firms are years behind the DOD when it comes to info security, some of them ignoring it outright (the new power grid technology comes to mind).

If these companies aren't going to take security seriously, is it really wrong to offer a program that lets the NSA help them out? Or worse, would you rather the NSA simply hold out for a secret executive order to place surveillance equipment without the need to tell anyone? I think that this step, at least, is in the right direction. It could still go horribly wrong, but why kill it before it has the chance to do some good?

And now for the Tinfoil stuff

[Philip+K+Dickhead]

What if there are no "massive cyber-attacks" by "Chinese hackers"?

Who'd know? The key part of almost every successful TCP/IP network attack or compromise is the ability to manipulate intermediate hosts, etc. to obfuscate and mislead as to the actual "real location" of the attacker or malicious agent. When I was so preoccupied, in the mid/late-nineties, it was common practice to use Chinese IP space as "base-camp" for our explorations. I remember, in particular, an entire University lab of several dozen Sparc5 clones, directly connected to the Internet. Getting shell on these was a trivial exercise. The poor quality of the systems administration on these hosts was also an excellent indication that any forensics effort would be pretty hopeless, with the simple deletion of local logfiles.

Given the resources of a US or Israeli intelligence agency, it is completely likely that attacks could appear to be "Chinese" - without ever having a ZH presence. Manipulation of BGP, etc. could produce the required 'evidence'.

Which also begs the question: why would "Chinese" or "North Korean" state-sponsored "hacker gangs" be able to launch attacks with sophistication enough to be considered a threat to national infrastructure, yet simultaneously naive enough to be triangulated back to their supposedly surreptitious origin?

As they say, "Pull the other one, it has bells on it."

The only serious outcome of any mass-scale foreign cyber-attack has been to create a climate for the acceptance of increased surveillance, demolition of limits for Federal agencies and the Military in regards to the law-abiding civilian US population, and the complete obliteration of 4th and 1st Amendment protections afforded by the U.S. Constitution. What if that is not the "unintended consequence"?