The Wall Street Journal published an excellent article today entitled, “U.S. Program to Detect Cyber Attacks on Infrastructure” (subscription required), reviewing a large U.S. government program, named “Perfect Citizen,” with the stated objective to:
“… detect cyber assaults on private U.S. companies and government agencies running critical infrastructure such as the electricity grid and nuclear power plants, according to people familiar with the program.”
We all know that the national infrastructure is vulnerable, as I mentioned recently in my blog about NERC Critical Infrastructure Protection (CIP) Cyber Security Standards. The object of this program appears to be an attempt to discover security holes that may not be CIP compliant, and detect patterns of attack before harm can be done.
U.S. intelligence officials have grown increasingly alarmed about what they believe to be Chinese and Russian surveillance of computer systems that control the electric grid and other U.S. infrastructure. Officials are unable to describe the full scope of the problem, however, because they have had limited ability to pull together all the private data.
How do you tackle this challenge? Just monitor the network and find “unusual activity” that may suggest a pending cyber attack.
The surveillance by the National Security Agency, the government’s chief eavesdropping agency, would rely on a set of sensors deployed in computer networks for critical infrastructure that would be triggered by unusual activity suggesting an impending cyber attack, though it wouldn’t persistently monitor the whole system.
This accumulation and analysis of vast amounts of data from numerous sensors is a fascinating topic. Last September, I blogged about work led by Jeff Jonas to analyze large data sets to detect the types of anomalies the NSA is seeking – all to catch threats to the Las Vegas gaming industry. It would be interesting to know if the NSA is building upon his work to find terrorists before they strike.
Of course, any surveillance program led by the NSA is bound to be controversial, and this is no exception:
Some industry and government officials familiar with the program see Perfect Citizen as an intrusion by the NSA into domestic affairs, while others say it is an important program to combat an emerging security threat that only the NSA is equipped to provide.
Who knows … perhaps some day the NSA wizards might think my blogging efforts are a threat to national security and plant sensors to detect my email, blogging and social networking communications activity to see if something fishy is going on. After all, I am not a “Perfect Citizen,” whatever that means. No one is.
"The overall purpose of the [program] is our Government…feel[s] that they need to insure the Public Sector is doing all they can to secure Infrastructure critical to our National Security," said one internal Raytheon email, the text of which was seen by The Wall Street Journal. "Perfect Citizen is Big Brother."
It will be fascinating, in an apprehensive way, to see how this all comes together:
Because the program is still in the early stages, much remains to be worked out, such as which computer control systems will be monitored and how the data will be collected. NSA would likely start with the systems that have the most important security implications if attacked, such as electric, nuclear, and air-traffic-control systems, they said.
I doubt that covert surveillance of US citizens is the initial intent of this program, but unintended consequences are what trouble me. For some diabolical reason, increasing the amount of power vested in any one person or group of people tends to lead to oppression of others. And it sounds like this program will put vast informational power in the hands of a few.