This post is also available in: עברית (Hebrew)
Even while rapidly expanding its electronic surveillance around the world, the National Security Agency has lobbied inside the government to deploy the equivalent of a “Star Wars” defense for America’s computer networks, designed to intercept cyberattacks before they could cripple power plants, banks or financial markets.
According to the New York Times, administration officials say the plan, championed by Gen. Keith B. Alexander, the director of the National Security Agency and head of the Pentagon’s Cyber Command, has virtually no chance of moving forward given the backlash against the N.S.A. over the recent disclosures about its surveillance programs.
Senior agency officials concede that much of the technology needed to filter malicious software, known as malware, by searching incoming messages for signs of programs designed to steal data, or attack banks or energy firms, is strikingly similar to the technology the N.S.A. already uses for surveillance.
“The plan was always a little vague, at least as Keith described it, but today it may be Snowden’s biggest single victim,” one senior intelligence official said recently, referring to Edward J. Snowden, the former N.S.A. contractor who released documents revealing details of many of the agency’s surveillance programs.
This summer, the N.S.A. has begun assembling scores of new cyber “offense” and “defense” teams, the agency’s most concrete step toward preparing the Pentagon and intelligence agencies for a new era of computer conflict. Erecting a national cyberdefense is a key element of that plan. At an interagency meeting that discussed the flood of cyberattacks directed daily at American networks, from Chinese efforts to steal corporate secrets to Iranian efforts to cripple financial institutions, General Alexander said, “I can’t defend the country until I’m into all the networks,” according to other officials who were present.
The appeal of such a program is its seeming simplicity: The worst malware could be blocked before it reaches companies, universities or individual users, many of whom may be using outdated virus protections, or none at all. Normal commercial antivirus programs are always running days, or weeks, behind the latest attacks — and the protection depends on users’ loading the latest versions on their computers.