Will Cyber Attack Promote Einstein?

Government Web sites were subjected to a denial of service attack over the past few days, which may have the unintended consequence of helping the Obama Administration sweep away privacy concerns as it begins implementing a controversial cybersecurity plan.

Michael Hickins, Contributor

July 8, 2009

2 Min Read
InformationWeek logo in a gray background | InformationWeek

Government Web sites were subjected to a denial of service attack over the past few days, which may have the unintended consequence of helping the Obama Administration sweep away privacy concerns as it begins implementing a controversial cybersecurity plan.An army of zombies simultaneously bombarded sites operated by major government agencies, according to a report from the Washington Post, including

the departments of Homeland Security and Defense, the Federal Aviation Administration and the Federal Trade Commission.

Several private-sector Web sites were also attacked, including NASDAQ, the New York Stock Exchange and the Washington Post itself. (The inclusion of the Washington Post indicates that either the masterminds behind the attack wanted to ensure that their actions were reported, or have an inflated view of the role of the press in American life.)

Conveniently, given the timing of the attacks, the Obama Administration just last Friday announced a plan to "produce warnings [about cyber attacks] that.. are 'consistently actionable and timely.'" The timing of the announcement is also curious -- some might say deliberately obscurantist -- coming as it did when most Americans were starting a three-day holiday weekend.

The plan is a reboot of a controversial Bush Administration project, dubbed Einstein, which leans on private telecom companies like AT&T, with an assist from the National Security Administration (NSA), to track traffic coming to and from federal Web sites.

Telecommunication companies would route data going to and from government networks through an NSA monitoring box, which would examine the traffic for malicious code or suspicious activity suggestive of a network attack.

While the Obama Administration claims that the only traffic analyzed will be to government Web sites, and that the traffic will be screened for malicious code (not actual words), Einstein alarms privacy advocates, who see a slippery slope to surveillance of civilian communications:

concerns over the NSA's involvement in the program lie in whether private data would be effectively "shielded from unauthorized scrutiny."

Clearly, the Obama Administration wants to do everything possible to prevent a crippling blow to the nation's information and communications infrastructure, and it makes more sense on the face of it to amend and reuse an existing plan than to scrap it and start afresh. The Administration is also aware that it is most vulnerable, from a purely political perspective, when it comes to national security and terrorism. But it shouldn't assume that the American public ever bought into what President Obama himself termed a "false choice" between civil rights and security.

Maybe Einstein is a necessary step to thwarting future cyberattacks, but the Administration should clearly outline steps it's taking to ensure that neither the government nor private enterprises have undue access to private communications.

Read more about:

20092009
Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights