< "Perfect Citizen" to Detect Cyberattacks


Friday, July 23, 2010

BROOKE GLADSTONE: Last year, the Wall Street Journal’s Siobhan Gorman reported that U.S. security officials believed that Chinese and Russian cyberspies had not only hacked into the computer systems that run our electrical grid but left behind malicious software that could be activated at any time. In military terms, that’s called “preparing the battlefield” for some potential future war. Fast forward more than a year, and Gorman has now discovered what we're doing about it. She recently wrote in The Journal about a hush-hush program called “Perfect Citizen” designed to, quote, “detect cyber-assaults on private companies and government agencies.” The program is to be governed by the National Security Agency, which does not exactly have a stellar record when it comes to balancing global threats and personal privacy. It’s awarded defense contractor Raytheon – yes, another private company – a contract to develop ways to monitor our critical computer systems. And Gorman says we're not just talking about the electrical grid any more.

SIOBHAN GORMAN: Nuclear power plants, air traffic control systems, most city subways are also run by these computerized systems, as well.

BROOKE GLADSTONE: You quote an internal Raytheon email in which an employee likens the program to Big Brother. In fact, he or she says, quote, “Perfect Citizen is Big Brother.” [LAUGHS] Does that concern you?

SIOBHAN GORMAN: Uh, well, I did find it interesting. I mean, usually people who are working on these types of projects are very committed to national security and, while maybe taking privacy into account, usually feel that it’s being dealt with as part of the program. So I thought that that was a very revealing email in that it showed that people with very insider knowledge still don't necessarily feel the privacy concerns are being addressed.

BROOKE GLADSTONE: What sorts of information would the government be sorting through via Raytheon?

SIOBHAN GORMAN: It would most likely be looking for what are called anomalies in Internet traffic. So say you saw all of a sudden a lot of data flowing to some sort of computer system that was outside the norm. In theory, Perfect Citizen would pick that up and then do further digging to try to figure out, well, is it because somebody’s trying to steal data out of this system?

BROOKE GLADSTONE: So if what you've heard of this program involves just looking for anomalies, the kinds of things that private companies handle, our private information, our medical records, our financial records and so forth, wouldn't be tripping those alarms. So why is somebody inside calling this Big Brother?

SIOBHAN GORMAN: Some people feel that programs like that are sort of the first step down the road to government collection, on lots of other elements of the private sector. One potential concern about safeguards is well, where is it that NSA would be getting this data? Would it be collecting it directly from the companies or would there be multiple steps through which the company would actually vet the data that is ultimately provided to NSA, and who’s actually controlling the flow of that information?

BROOKE GLADSTONE: Many of us were concerned when we found out that the NSA was in a position to data mine telephone calls and our Internet use. Then they had some agreement with Google to look at some of that information. How does this expand the reach that the NSA already has?

SIOBHAN GORMAN: Well, generally the NSA has focused on looking for these types of things overseas and has not been in the domestic arena, particularly when it comes to trying to protect U.S. computer systems. And the challenge that U.S. government officials have run into repeatedly is that when NSA is tracking anything on the Internet, the difference in terms of what you need to do to look for potential cyber-attacks and what you need to do to read somebody’s email is not really all that different from a technical standpoint. And so, I think that people get concerned if there aren't safeguards put in place that would prevent the government from making that move from just monitoring for bad stuff on the Internet to monitoring all stuff on the Internet.

BROOKE GLADSTONE: What’s the status of this program, as far as you know?

SIOBHAN GORMAN: It’s really just in the beginning stages. My understanding is that the first set of funding is for what they're calling Phase One, and that’s probably going to be somewhere from 50 to 100 million dollars. But then that, of course, implies that there would be subsequent phases where they would probably be truly implementing these things. Oftentimes Phase One just means kind of a designing phase to really figure out what the program is going to look like.

BROOKE GLADSTONE: I have to ask you about the name, which, let's be honest, couldn't be creepier. “Perfect Citizen” - it just sounds like people spying on one another.

SIOBHAN GORMAN: Many people raise that issue with me, and I think that that, that is also what make have raised some people’s concerns about what the true intent or perhaps what the ultimate intent of the program is.

BROOKE GLADSTONE: Siobhan, thank you very much.


BROOKE GLADSTONE: Siobhan Gorman is the national intelligence correspondent for the Wall Street Journal.