NSA coordinates cyberattack response

President Bush signed a directive this month that expands the intelligence community's role in monitoring Internet traffic to protect against a rising number of attacks on federal agencies' computer systems. The directive, whose content is classified, authorizes the intelligence agencies, in particular the National Security Agency, to monitor the computer networks of all federal agencies -- including ones they have not previously monitored. Until now, the government's efforts to protect itself from cyber-attacks -- which run the gamut from hackers to organized crime to foreign governments trying to steal sensitive data -- have been piecemeal. Under the new initiative, a task force headed by the Office of the Director of National Intelligence (ODNI) will coordinate efforts to identify the source of cyber-attacks against government computer systems. As part of that effort, the Department of Homeland Security will work to protect the systems and the Pentagon will devise strategies for counterattacks against the intruders.

Putting the NSA in charge of monitoring the Internet might not make some people feel too confident about the sanctity of their communications, given the agency's role in warrantless wiretaps and Internet monitoring.

"Agencies designed to gather intelligence on foreign entities should not be in charge of monitoring our computer systems here at home," said Rep. Bennie Thompson (D-Miss.), chairman of the House Homeland Security Committee.

Allan Paller, a familiar name to Post readers, says stopping breakins to government computers is only a small part of the battle against cyberwarfare.

"If you don't include industry in the mix, you're keeping one of your eyes closed because the hacking techniques are likely the same across government and commercial organizations," said Alan Paller, research director at the SANS Institute, a Bethesda-based cyber-security group that assists companies that face attacks. "If you're looking for needles in the haystack, you need as much data as you can get because these are really tiny needles, and bad guys are trying to hide the needles."

Clearly, the government needs to take cyberwarfare more seriously and this is a substantial step in that direction. But given this administration's low esteem for privacy rights and the instrusive nature of this new initiative, this is trouble.

Under the initiative, the NSA, CIA and the FBI's Cyber Division will investigate intrusions by monitoring Internet activity and, in some cases, capturing data for analysis, sources said.