Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Security Government United States

US Plans Cyber Shield For Private Companies and Utilities 178

Posted by samzenpus from the more-power-to-the-shields dept.
wiggles writes "The federal government is launching an expansive program dubbed 'Perfect Citizen' to detect cyber assaults on private companies and government agencies running such critical infrastructure as the electricity grid and nuclear-power plants, according to people familiar with the program. The surveillance by the National Security Agency, the government's chief eavesdropping agency, would rely on a set of sensors deployed in computer networks for critical infrastructure that would be triggered by unusual activity suggesting an impending cyber attack, though it wouldn't persistently monitor the whole system, these people said. How do we feel about NSA spyware in all of our infrastructure?"
This discussion has been archived. No new comments can be posted.

US Plans Cyber Shield For Private Companies and Utilities More

US Plans Cyber Shield For Private Companies and Utilities

Comments Filter:

  • Spyware? Really? (Score:4, Informative)

    by 0xdeadbeef ( 28836 ) on Thursday July 08, 2010 @12:35PM (#32841460) Homepage Journal

    When zealots can't distinguish between legitimate security and illegitimate spying, it hurts the credibility of civil liberties, not the NSA.

  • Re:Surveillance (Score:5, Informative)

    by rotide ( 1015173 ) on Thursday July 08, 2010 @12:39PM (#32841534)

    I'm no tinfoilhatter (see my post history) and I can easily state that the government does and has been monitoring communications of citizens since before the PATRIOT Act.

    Google any of the following:
    Project Echelon
    FBI Carnivore
    FBI NarusInsight

    This isn't fear mongering against the government. Those are actual programs/projects the government uses to watch those they want to watch. Actively, passively, whatever it is it doesn't change the fact that the government has the means and the will to watch those it finds worth watching.

    Now, to think that the new system will watch international connections only is short sighted. All you have to do is argue that an "enemy" could bounce through an internal (to the US) proxy and the government would have wholesale reason to peek at _every_ connection, foreign or domestic.

  • Ahhh... (Score:4, Informative)

    by Securityemo ( 1407943 ) on Thursday July 08, 2010 @12:39PM (#32841548) Journal
    From the article text, it sounds like this means deploying "normal" IDS systems on a per-network basis. "Not persistently monitor the whole system" probably serves to clarify that it won't log, capture or analyze all data; an IDS triggers when it detects something that it's rules/signatures match, much like an antivirus sans emulation/sandboxing unpacking and behaviour monitoring . "The overall purpose of the [program] is our Government...feel[s] that they need to insure the Public Sector is doing all they can to secure Infrastructure critical to our National Security" sounds like they're forcing them to comply to inspection or testing.
    Also, they might have wanted to pick a less dr-strangeglove-sounding name. But maybe the NSA geeks have a sense of humour too?

  • Re:Concerns that don't involve tinfoil hats. (Score:3, Informative)

    by commodore64_love ( 1445365 ) on Thursday July 08, 2010 @01:04PM (#32841900) Journal

    >>>there's the age old... "they put something called linux on it, and it looked like something a hacker might use" problem

    Like that poor kid who was given detention. His crime? Demonstrating Linux on his personal laptop during study hall, and handing out free CDs of it to friends. The teacher assumed the kid was a pirate and punished him. She even went so far as to contact the guy who created the original CD, and scold him too! "I don't know why you are handing-out these CDs but I play to consult with lawyers and if necessary prosecute. We cannot allow you to corrupt our children." (Quoted from memory)

    Fortunately a teacher has no real power, but imagine this story is the "teacher" was replaced with "NSA enforcement officer" knocking at your door and arresting you for illegal acts, such as handing out free copies of Ubuntu Linux OS. (And yes cops really are that fucking stupid. Go watch some vids on youtube.)

  • Re:Kiss Open Systems Goodbye (Score:4, Informative)

    by chill ( 34294 ) on Thursday July 08, 2010 @01:10PM (#32841986) Journal

    You do know they're talking about doing this to water, electric, utilities, gas and railroad infrastructure, right? "Critical infrastructure", such as traffic control centers, the power grids, gas grid and the like. You aren't critical infrastructure. WoW certainly as hell shouldn't be running on critical infrastructure. Traffic in those network SHOULD be watched and coordinated. The companies can either let the NSA do it or purchase the equipment and do it themselves.

    Last I knew, those "proprietary systems" (example here [narus.com]) were Linux-based using libpcap but on screaming fast hardware. Proprietary analysis software is used to baseline traffic patterns and look for anomalies.

  • Re:Surveillance (Score:3, Informative)

    by mrbofus ( 1189727 ) on Thursday July 08, 2010 @01:21PM (#32842160)
    What the submitter forgot to include is that this is an opt-in program; companies can choose to have their networks monitored by the government. Might have helped in a case like the Google/China hacking incidient.

Slashdot Top Deals

Get hold of portable property. -- Charles Dickens, "Great Expectations"

Close