In the wake of attacks against defense contractors like Lockheed Martin and L-3 Communications, it is apparent there is a growing threat and the National Security Agency (NSA) is working with Internet service providers to deploy a new generation of tools to scan email and other digital traffic.
The program, which began last month on a voluntary, trial basis, relies on sophisticated NSA data sets to identify malicious programs slipped into the vast stream of Internet data flowing to the nation’s largest defense firms.
The Department of Homeland Security is working closely with the Pentagon to determine the extent of the cyber attack on America’s largest military contractor, Lockheed Martin.
A group of hackers is taking responsibility for taking down the CIA website. The CIA says no classified information was compromised.
Officials said the pilot program does not involve direct monitoring of the contractors’ networks by the government. The program uses NSA-developed “signatures,” or fingerprints of malicious code, and sequences of suspicious network behavior to filter the Internet traffic flowing to major defense contractors. That allows the Internet providers to disable the threats before an attack can penetrate a contractor’s servers. The trial is testing two particular sets of signatures and behavior patterns the NSA has detected as threats.
The Internet carriers are AT&T, Verizon and CenturyLink. Together they are seeking to filter the traffic of 15 defense contractors, including Lockheed, Falls Church-based CSC, McLean-based SAIC and Northrop Grumman, which is moving its headquarters to Falls Church. The contractors have the option, but not the obligation, to report the success rate to the NSA’s Threat Operations Center.
All three of the Internet carriers declined to comment on the pilot program. Several of the defense contractors declined to comment as well.