WASHINGTON — Three of the nation's largest Internet service providers are cooperating with a new National Security Agency program to sift through the traffic of major defense contractors with the goal of blocking cyber attacks, defense and industry officials say.
The novel program, which began last month on a voluntary, trial basis, relies on sophisticated NSA data sets to identify malicious programs slipped into the vast stream of Internet data flowing to the nation's largest defense firms. Such attacks, including one last month against Lockheed Martin, are nearly constant as nations and terrorist groups seek access to U.S. military secrets.
The prospect of an NSA role in the monitoring of Internet traffic already had raised concerns among privacy activists, and Lynn's suggestion that the program might be extended beyond the work of defense contractors threatened to raise the stakes further.
James Dempsey, the Center for Democracy & Technology's vice president for public policy, said that any version of the program must have protections against government access to civilian Internet traffic.
The pilot program works by using NSA-developed "signatures," or fingerprints of malicious code, as well as sequences of anomalous network behavior, to filter the Internet traffic flowing to defense contractors.
The Internet service providers, which have the option but not the obligation to report the success rate to the NSA's Threat Operations Center, are AT&T, Verizon and CenturyLink. They are seeking to filter the traffic of 15 defense contractors.
Partnering with the major Internet carriers "is probably the technically quickest way to go and the best way to go" to defend dot-com networks, said Gen. Keith Alexander, who heads the NSA and the affiliated U.S. Cyber Command at Fort Meade, Md.
The premise behind this strategy is that combining the carriers' ability to filter massive volumes of traffic — a large carrier can monitor up to 100 gigabits of traffic per second — with the NSA's expertise will provide a greater level of protection without violating privacy laws.