[ISN] Pentagon Wants to Secure Dot-Com Domains of Contractors

From: InfoSec News <alerts_at_private>
Date: Mon, 16 Aug 2010 01:51:07 -0500 (CDT)
http://www.theatlantic.com/politics/archive/2010/08/nsa-might-monitor-dotcom-domains-for-defense-contractors/61456/

By Marc Ambinder
The Atlantic
Aug 13 2010

To better secure unclassified information stored in the computer 
networks of government contractors, the Defense Department is asking 
whether the National Security Agency should begin to monitor select 
corporate dot.com domains, several officials and consultants briefed on 
the matter said.

Under the proposal, which is being informally circulated throughout the 
department and the Department of Homeland Security, the NSA could set up 
equipment to look for patterns of suspicious traffic at the internet 
service providers that the companies' networks run through. The agency 
would immediately notify the Pentagon and the companies if pernicious 
behavior were detected. The Agency would not directly monitor the 
content of the data streams, only its meta-data. (A Pentagon 
spokesperson called later to clarify that it would not be legal for the 
NSA to "monitor" private networks; rather, "DoD and NSA are seeking to 
provide technical advice, expertise and information to the defense 
industrial base.")

The proposal originated in the Office of the Secretary of Defense. 
Because of the sensitivity associated with NSA internet surveillance and 
capabilities, the fact of the exploratory tasker, as it is known in 
Pentagon parlance, and details associated with it are being closely 
held.

The new program would apply to the companies that make up the Defense 
Industrial Base (DIB)  and only to the parts of those companies that 
indigenously store and use sensitive information. As the Department 
reconfigures its network defenses and the internal structure of its 
information operation, it continues to deal with a large number of 
aggressive hacker attacks and data penetrations.  Classified information 
is not supposed to be stored on any dot.mil subdomain that is accessible 
to outside computer networks.

[...]


--
Visit InfoSec News!
http://www.infosecnews.org/
Received on Sun Aug 15 2010 - 23:51:07 PDT

This archive was generated by hypermail 2.2.0 : Mon Aug 16 2010 - 00:00:48 PDT