NSA’s ‘MonsterMind’ could automate cyber war

This post is also available in: עברית (Hebrew)


The National Security Agency is developing a cybersecurity machine that could detect and automatically counter attacks against U.S. computers by blocking access to American networks, according to reports from former agency contractor Edward Snowden.

That automated response of the machine known as “MonsterMind” is dangerous because it may target computers of people who are unaware they are under the control of a hacker, and could lead the NSA to unintentionally disrupt civilian connections and even cause an international incident, Wired reports.

Countries like Germany and Brazil sought international recourse against the U.S. after reports that the NSA spied on their citizens, so automated cybersecurity retaliation would probably be even more unpopular. Being blocked from access to American networks could bring anybody’s online life or business to a screeching halt. It’s unclear from Snowden’s interview whether MonsterMind would take other forms of retaliation besides blocking a signal to U.S. networks, but collateral damage would certainly be a problem.

iHLS Israel Homeland Security

Hackers often stage online attacks through a network of computers called a bot net, which is a series of computers infected with malware that allows a hacker to control and trigger the machines without the user knowing about it. Bot nets often include computers outside the home country of the hacker group to help avoid detection.

The plan to build a cybersecurity machine that would monitor all private communications coming into the U.S. for attacks and retaliate without human involvement was the last straw that led Snowden to become a whistleblower, he said.

“The argument is that the only way we can identify these malicious traffic flows and respond to them is if we’re analyzing all traffic flows,” Snowden said. “And if we’re analyzing all traffic flows, that means we have to be intercepting all traffic flows. That means violating the Fourth Amendment, seizing private communications without a warrant, without probable cause or even a suspicion of wrongdoing.”

Snowden is working at an unnamed technology firm in Russia. He can apply to be a citizen there after five years of residency.