Obama’s cybersecurity plan: Monitor more of the Internet
President Barack Obama’s plan to protect the United States’ critical infrastructure against cyberattacks is accelerating quickly as more private sector businesses are signing on to share information with the federal government.
When Pres. Obama rolled out his ‘Improving Critical Infrastructure Cybersecurity’ executive order last month, he asked that classified cyber threat and technical information collected by the government be given to eligible commercial service providers that offer security services to businesses linked to the country’s critical infrastructure.
But in the few short weeks since the order was announced during the president’s annual State of the Union address, warnings of an imminent attack have only increased. CIA Director John Brennan told a panel last week that "the seriousness and the diversity of the threats that this country faces in the cyber domain are increasing on a daily basis," and US national intelligence chief James Clapper claims there is "a remote chance of a major cyberattack against US critical infrastructure systems during the next two years that would result in long-term, wide-scale disruption of services, such as a regional power outage."
Upon announcement of the executive order, a handful of defense contractors and telecom companies — namely Lockheed Martin, Raytheon, AT&T and CenturyLink — confirmed that they’d be voluntarily sharing information back and forth with the country’s top intelligence agencies in order to closely monitor any threats that could collapse the country’s critical infrastructure, a vaguely defined category assumed to include the nation’s power systems, telecommunication wires and other major utilities.
“The demand is there. I think the priority is there, and the threat is serious,” Steve Hawkins, vice president of information and security solutions for Raytheon, told Bloomberg earlier in the month.
As warnings of a cyberattack increase, however, the latest news out of Washington is that even more private sector companies with ties to critical infrastructure will be participating in the program. In a report published on Thursday by Reuters, the newswire notes that the framework first outlined during last month’s executive order is already quickly shaping up, with tasks being delegated throughout the US so that threat information can be adequately passed to applicable persons.
According to Reuters’ latest write-up, the executive order will require the National Security Agency to collect classified intelligence on serious hacking attempts aimed at American businesses, which will then be handed over to the Department of Homeland Security to pass on to the telecom and cybersecurity providers — Raytheon, AT&T and others — where employees holding security clearances will scan incoming emails and routine Web traffic for threats to the infrastructure.
But while the government has long asked the entities to open up lines of communication with the NSA and other offices, smaller private-sector businesses could soon be signing on. According to Joseph Menn and Deborah Charles of Reuters, the government is already expanding their cybersecurity program so that even more Web traffic heading into and out of defense contractors will be scanned to include far more of the country's private, civilian-run infrastructure.
“As a result, more private sector employees than ever before, including those at big banks, utilities and key transportation companies, will have their emails and Web surfing scanned as a precaution against cyberattacks,” they write.
Once those participating companies sign on to get data from Homeland Security, the DHS will send them computer threat “signatures” obtained by the NSA that will offer a list of red flags to be watching out for as huge amounts of Web data is scanned second-by-second and bit-by-bit.
“The companies can use this intelligence to strengthen cybersecurity services they sell to businesses that maintain critical infrastructure,” Bloomberg News reports.
That intelligence, including but not limited to cyber timestamps, indicators and the critical sector potentially, can then be monitored to search for malicious code and viruses sent through America’s Internet with the intent of causing harm. In exchange, the critical infrastructure companies that could be targeted by cyberterrorists will pay the contractors and telecoms for their help.
The threat of a cyberwar crippling America’s power grid and communication systems has been ramped-up in recent weeks, particularly in light of a highly-touted report that linked Chinese state actors with repeated attempts to sabotage US businesses and conduct espionage to steal secrets.
"Increasingly, US businesses are speaking out about their serious concerns about sophisticated, targeted theft of confidential business information and proprietary technologies through cyber intrusions emanating from China on an unprecedented scale," National Security Adviser Thomas Donilon told the Asia Society in New York last week. "The international community cannot afford to tolerate such activity from any country.”