Sunday, March 10, 2013

The U.S. Government’s Einstein 3 Cybersecurity Program

Previously, I wrote an article about the 2007 reports surrounding the desire of some in the government to use spy satellites in order to conduct domestic spying, for “law enforcement” purposes.
Once civil liberties groups and others heard about this, the public outcry was so strong that continuing to support the program quickly became a political hot potato. The effort was (allegedly) swiftly shut down.
However, proponents of privacy rights are once again up in arms about another government effort that comes dangerously close to infringing on civil liberties for the sake of “homeland security.” This effort goes under the impressive name of EINSTEIN – with numbers outlining the initiative of the program, such as EINSTEIN 2 and EINSTEIN 3.

The Government CyberSecurity Initiative

In March, the Washington Post reported that the government decided to declassify most of its cybersecurity initiative. The move is very likely an effort by the Administration to signal to countries like China that the United States federal computer infrastructure is protected from viruses, malware and other threats launched against it by foreign agents.
Additionally, the move was likely to make sure that foreign powers understand that the system, known as EINSTEIN 3, has the capability to also monitor network traffic and collect data about any attempted access of federal computer systems.




What is EINSTEIN 3?

The term EINSTEIN 3 refers not so much to a software package as to a step of the "Comprehensive National Cybersecurity Initiative."
The Administration website describes EINSTEIN 3 as follows.
"This approach, called EINSTEIN 3, will draw on commercial technology and specialized government technology to conduct real-time full packet inspection and threat-based decision-making on network traffic entering or leaving these Executive Branch networks."
This essentially sounds like an impressive and heavily fortified firewall system installed on all federal computer networks. However, if you carefully watch more recent news reports, you'll learn that this isn't exactly the case. On March 23rd, Computer Weekly reported that the Department of Homeland Security was performing testing with a commercial ISP.
The reported purpose of the test was to "demonstrate the ability of an existing ISP to select and redirect internet traffic from a single government agency through Einstein 3."

What is the Real Purpose of Einstein 3?

Now, if the purpose of Einstein 3 was to protect federal systems from the threat of foreign hackers, this little ISP test immediately brings up the following questions.
  • Why does a system intended to protect federal computer systems from foreign threats require the ISP of private American citizens to "select and redirect Internet traffic"?
  • What "trigger" would be set up to enable the collecting and analyzing of Internet traffic through the ISP?
  • What would the government, presumably via the NSA, do with the collected Internet traffic data in the case that no legitimate threat was uncovered?
  • What protections are in place to maintain the privacy of private American citizens as they conduct business and perform financial and personal transactions over the Internet?
  • Is this yet another example of the world moving ever closer to the "Big Brother" scenario?
The White House website does its very best to assure Americans that what is being done with the cybersecurity software is within the legal right of all agencies involved. You can see the White House trying very hard to make this case with one of the longest run-on sentences in history on the White House website describing the initiatives.
"The EINSTEIN 3 system will also support enhanced information sharing by US-CERT with Federal Departments and Agencies by giving DHS the ability to automate alerting of detected network intrusion attempts and, when deemed necessary by DHS, to send alerts that do not contain the content of communications to the National Security Agency (NSA) so that DHS efforts may be supported by NSA exercising its lawfully authorized missions."
I don't know - it certainly doesn't give me any warm and fuzzy feelings. What about you?
