New US cyber-intel agency: ‘What data will be collected and what will be used?’
The Obama administration has announced plans to set up a new federal spy center - Cyber Threat Intelligence Integration Center (CTIIC). It will “connect the dots between various cyber threats so the relevant government departments and agencies are aware of these threats in as close to real time as possible,” a senior Obama administration official said on Tuesday, as cited by Reuters.
On Friday, Stanford University is holding the Cybersecurity and Consumer Protection Summit. It is expected US President Barack Obama will attend and announce plans to force government and other organizations to share more data in order to avoid cyber-attacks.
RT:President Obama wants to create another federal intelligence service - Cyberintel. What do you think is behind the decision?
Chris Kitze: I think they are having some issues just getting cooperation between all the different branches of the government here. Most people I talked to in Silicon Valley are fairly negative on this whole concept. They think we’re already spending enough money to spy on things.
RT:Its main task is said to be sharing information with law enforcement and intelligence agencies. Do you think that this information will only be limited to declared cyber threats or is there more to it?
CK: There is no question there are attacks happening. We see that every day on our own network monitoring. Attacks are coming from all different places and some are government, some are criminal gangs. And I think that is probably the biggest trend that is getting hard to tell the difference between the two sometimes. But the main reason is ... yes there are these attacks that are definitely happening and the question is: what do you do to stop them?
RT:The agency is supposed to supervise all cyber security issues, to be a center that "connects the dots.” Do you think it’s safe to put all the eggs into one basket? Or is there a threat to privacy? Could it become a sort of super-agency that knows everything about everyone?
CK: Whenever you collect information it’s going to get used in variety of ways. The best case for someone who wants privacy and security is just to not to have any information collected. That is probably not realistic in today’s world. But I think people aspire to that and they certainly want some amount of privacy.
The issue with this new agency is where is the limitation and what the use of the data is going to be; what is collected and what is being used? And what they call the fusion centers or what they did within Homeland Security that was what they supposed to do - just fuse all this data together in one place so that people could look things up in a single record. That is very powerful from an information science point of view but it’s also very dangerous because it can get abused.
RT:What do you make of this project?
CK: It sounds like they haven’t officially announced it yet, so it’s hard to say anything definitive, but it looks to me like it’s going to be pretty much of a grab-bag and an open-ended project. These things always start with small amounts and then they end up bigger and bigger. That’s how the government works.
RT:Is it something new or are there some other organizations already dealing with these sorts of things?
CK: No, of course not. We’ve already got people who are professionals doing these things at other agencies. The real question is: how much money are we spending with these other agencies and why are they doing this?
RT:What advice could you give to the internet users? How can they limit information on their computers to secure it?
CK: Here is the threat - you have the knowledge about things but when you can do things in real time when can see different packets of information going across the internet in real time you can look inside, you can decide what you want to do: you can record the information, you can block the information, or you can minify the information. That is the issue here - whether the limitations to what can be done with this information. Once the information is collected it’s like a genie getting out of the bottle - it’s going to have its own life.
RT:There is mainstream media that delivers information to people, but what can you say about the alternative sources of information that reveal secret information? Is it possible somehow to track the cyber-attacks?
CK: There is a lot that is happening with the alternative media right now, not only in the US but around the world. There are a lot of whistleblowers who are bringing the truth out to people, and there are a lot of people who don’t want this information to come out. So in effect there is that kind of a battle ground. But there is also a cyber-war going on right now. And … there is a website called ipviking.com that you can go look at and you can see the attacks coming in in real time. They are going from one place to another mostly hammering server farms that are being used for information collecting, looks like to me… a lot of attacks on St. Louis, I would like to know what is going on there besides the MasterCard data center.
The statements, views and opinions expressed in this column are solely those of the author and do not necessarily represent those of RT.