SAN FRANCISCO – A senior Defense Department official said today that the U.S. military should “expand” a technological shield used to protect their own networks for large private sector teams as well, which could sweep parts of the Internet and raises civil liberties issues.
William Lynn, Under Secretary of Defense, proposed at the RSA Conference to extend “the high level of protection afforded by active defense to private networks that operate the infrastructure,” which is crucial for the army or the U.S. economy.
What Lynn refers to as “active defense” were initiated by the National Security Agency. In an essay last year, Lynn compared with a cross between a “sentinel” and a “sniper”, which can also hunt within “a network of malicious code or an attacker who managed to penetrate the network perimeter.
But the power to control civilian networks for misconduct includes the ability to control, in general, and was the NSA also pioneered a controversial program of warrantless wiretapping under the Bush administration. NSA Director Keith Alexander was appointed head of U.S. Cyber Command last year, an idea he had defended Lynn.
The privacy concerns are likely to turn into the details, including whether the military is limited to establishing the source code for the technologies of defense and attack – or whether it includes the real authority and supervision. Another open question is whether sites like Hotmail.com Google.com and could be considered “critical infrastructure” or the definition is reduced to facilities such as power plants.
Lynn, who has spoken frequently about cyber security threats in the last year, gave no further details. “Ensuring military networks matter little if the grid goes down or the rest of the government ceases to function,” he said.
That echoes comments made by Senators Joseph Lieberman (I-Conn.) and Susan Collins (R-Maine), who are committed to restoring a controversial bill gives the president power Obama in computer systems private property during a “national cyberemergency, with limited judicial review. It has been called an Internet “kill switch” bill, especially after Egypt’s what he did.
For now, the Pentagon is responsible only for defense. Computers million, and the Department of Homeland Security has the responsibility of other government networks. Lynn said the army (and remember, the NSA is part of the Department of Defense) is helping EDS, as well as providing troops and helicopters to help after a natural disaster
“The Army provides support to DHS in the cyber domain,” said Lynn. As troops and equipment provided to FEMA, he said, the military cyber support will be “available to civilian leaders to help secure networks that support the operations of government and critical infrastructure … These resources are under civilian control and be used according to civil laws. ”
“Through the classified information based on the threats and the technology we have developed to use a network defense,” he said, “that can significantly increase the effectiveness of cyber security practices that the industry is doing.”
Homeland Security hinted at this during an interview with ZDNet Asia site last year, CNET sister at the RSA Conference. The department said at the time that could eventually extend Einstein 3 technology, which is designed to detect and prevent cyber attacks in progress by the exchange of information with the NSA, the networks operated by the private sector.