So, the increased online surveillance and tracking we’ve been expecting is revealed as an ‘updated’ version of the Einstein program. Looking back on previous reports on the Einstein program, it’s clear that a Federal pilot program intended (initially) to spy on government employees is now ready to be rolled out to the rest of the Internet. Wayne Madsen revealed through his sources in Sept 2008 that Einstein, far from conducting routine traffic analysis – the official line at the time – conducts analysis of message content, and that the technology, codenamed Pinwheel, was developed for foreign signals intelligence. Mr. Madsen further reported that “The DNI and NSA also plan to move Einstein into the private sector by claiming the nation’s critical infrastructure, by nature, overlaps into the commercial sector. There are classified plans, already budgeted in so-called ‘black’ projects, to extend Einstein surveillance into the dot (.) com, dot (.) edu, dot (.) int, and dot (.) org, as well as other Internet domains.” This should not be news to anyone – whistleblowers within the telecom industry have already revealed the extent to which the NSA wiretaps Americans. Lawsuits against the telcos were dismissed in January on the grounds that the damages inflicted were ‘non-specific’. But this story’s even bigger than that: US net surveillance is just one aspect of a global program. You’d best speak up now while you can.
Flashback: Cyberwar Hype Intended to Destroy the Open Internet | Google, NSA may team up to probe cyberattacks | UN agency calls for global cyberwarfare treaty, ‘driver’s license’ for Web users | Death Of The Internet: Censorship Bills In UK, Australia, U.S. Aim To Block “Undesirable” Websites | Australia introduces web filters | Obama Wants Computer Privacy Ruling Overturned | UK Internet surveillance plan to go ahead | Security boss calls for end to net anonymity | Case for Internet spying not closed | Planned Internet, wireless surveillance laws worry watchdogs | UK ISPs condemn Internet surveillance plans | UK to found new ‘cyber-security’ units attached to national eavesdropping centre | ISPs must help police snoop on internet under new bill | UK plans to integrate ‘cybersecurity’ centre with US, Canada | Cybersecurity Is Framework For Total Government Regulation & Control Of Our Lives | Obama Set to Create A Cybersecurity Czar With Broad Mandate | EU wants ‘Internet G12’ to govern cyberspace | UK Home Secretary has secret plan to surveil, ‘Master the Internet’ | Munk Centre researchers discover botnet, call for international cyberspace ‘legal regime’ | NSA Dominance of Cybersecurity Would Lead to ‘Grave Peril’, Ex-Cyber Chief Tells Congress | Do We Need a New Internet? | Defense Contractors See $$$ in Cyber Security | RCMP to helm a Canadian “cyber-security strategy” | Sweden approves wiretapping law | Law Professor tells tech conference: plans to shut down Internet already on deck
Declan McCullagh, CNET News
March 4, 2010
Homeland Security Secretary Janet Napolitano, who told a House appropriations hearing that Einstein 3 could only be discussed in a classified setting, speaks at the RSA conference on Wednesday.
(Credit: James Martin/CNET)
SAN FRANCISCO–Homeland Security and the National Security Agency may be taking a closer look at Internet communications in the future.
The Department of Homeland Security’s top cybersecurity official told CNET on Wednesday that the department may eventually extend its Einstein technology, which is designed to detect and prevent electronic attacks, to networks operated by the private sector. The technology was created for federal networks.
Greg Schaffer, assistant secretary for cybersecurity and communications, said in an interview that the department is evaluating whether Einstein “makes sense for expansion to critical infrastructure spaces” over time.
Not much is known about how Einstein works, and the House Intelligence Committee once charged that descriptions were overly “vague” because of “excessive classification.” The White House did confirm this week that the latest version, called Einstein 3, involves attempting to thwart in-progress cyberattacks by sharing information with the National Security Agency.
Greater federal involvement in privately operated networks may spark privacy or surveillance concerns, not least because of the NSA’s central involvement in the Bush administration’s warrantless wiretapping scandal. Earlier reports have said that Einstein 3 has the ability to read the content of emails and other messages, and that AT&T has been asked to test the system. (The Obama administration says the “contents” of communications are not shared with the NSA.)
“I don’t think you have to be Big Brother in order to provide a level of protection either for federal government systems or otherwise,” Schaffer said. “As a practical matter, you’re looking at data that’s relevant to malicious activity, and that’s the data that you’re focused on. It’s not necessary to go into a space where someone will say you’re acting like Big Brother. It can be done without crossing over into a space that’s problematic from a privacy perspective.”
If Einstein 3 does perform as well as Homeland Security hopes, it could help less-prepared companies fend off cyberattacks, including worms sent through e-mail, phishing attempts, and even denial of service attacks.
On the other hand, civil libertarians are sure to raise questions about privacy, access, and how Einstein could be used in the future. If it can perform deep packet inspection to prevent botnets from accessing certain Web pages, for instance, could it also be used to prevent a human from accessing illegal pornography, copyright-infringing music, or offshore gambling sites? [Ed. Note: Or political sites, some of which have been blocked in Australia.]
“It’s one thing for the government to monitor its own systems for malicious code and intrusions,” said Greg Nojeim, senior counsel at the Center for Democracy and Technology. “It’s quite another for the government to monitor private networks for those intrusions. We’d be concerned about any notion that a governmental monitoring system like Einstein would be extended to private networks.”
AT&T did not respond to a request for comment on Wednesday.
Cooperation, or a loss of control?
At the RSA Conference here on Wednesday, Homeland Security Secretary Janet Napolitano stressed the need for more cooperation between the government and the private sector on cybersecurity, saying that “we need to have a system that works together.”
During a House appropriations hearing on February 26, Napolitano refused to discuss Einstein 3 unless the hearing were closed to the public. “I don’t want to comment publicly on Einstein 3, per se, here in an unclassified setting,” she said. “What I would suggest, perhaps, is a classified briefing for members of the subcommittee who are interested.”
Some privacy concerns about Einstein have popped up before. An American Bar Association panel said this about Einstein 3 in a September 2009 report: “Because government communications are commingled with the private communications of non-governmental actors who use the same system, great caution will be necessary to insure that privacy and civil liberties concerns are adequately considered.”
Jacob Appelbaum, a security researcher and programmer for the Tor anonymity project, said that expanding Einstein 3 to the private sector would amount to a partial outsourcing of security. “It’s clearly a win for people without the security know-how to protect their own networks,” Appelbaum said. “It’s also a clear loss of control. And anyone with access to that monitoring system, legitimate or otherwise, would be able to monitor amazing amounts of traffic.”
Einstein grew out of a still-classified executive order, called National Security Presidential Directive 54, that President Bush signed in 2008.
While little information is available, former Homeland Security Secretary Michael Chertoff once likened it to a new “Manhattan Project,” and the Washington Post reported that the accompanying cybersecurity initiative represented the “single largest request for funds” in last year’s classified intelligence budget. The Electronic Privacy Information Center has filed a lawsuit (PDF) to obtain the text of the order.
Homeland Security has published (PDF) a privacy impact assessment for a less capable system called Einstein 2–which aimed to do intrusion detection and not prevention–but has not done so for Einstein 3.
The department did, however, prepare a general set of guidelines (PDF) for privacy and civil liberties in June 2009. In addition, the Bush Justice Department wrote a memo (PDF) saying Einstein 2 “complies with” the U.S. Constitution and federal wiretap laws.
That justification for Einstein 2 “turned on the consent of employees in the government that are being communicated with, and on the notion that a person who communicates with the government can’t then complain that the government read the communication,” said CDT’s Nojeim. “How does that legal justification work should Einstein be extended to the private sector?”