[Infowarrior] - Google to enlist NSA to help it ward off cyberattacks

Richard Forno rforno at infowarrior.org
Fri Feb 5 16:38:45 UTC 2010 

Google to enlist NSA to help it ward off cyberattacks
By Ellen Nakashima
Thursday, February 4, 2010; A01

http://www.washingtonpost.com/wp-dyn/content/article/2010/02/03/AR2010020304057_pf.html
The world's largest Internet search company and the world's most  
powerful electronic surveillance organization are teaming up in the  
name of cybersecurity.

Under an agreement that is still being finalized, the National  
Security Agency would help Google analyze a major corporate espionage  
attack that the firm said originated in China and targeted its  
computer networks, according to cybersecurity experts familiar with  
the matter. The objective is to better defend Google -- and its users  
-- from future attack.

Google and the NSA declined to comment on the partnership. But sources  
with knowledge of the arrangement, speaking on the condition of  
anonymity, said the alliance is being designed to allow the two  
organizations to share critical information without violating Google's  
policies or laws that protect the privacy of Americans' online  
communications. The sources said the deal does not mean the NSA will  
be viewing users' searches or e-mail accounts or that Google will be  
sharing proprietary data.

The partnership strikes at the core of one of the most sensitive  
issues for the government and private industry in the evolving world  
of cybersecurity: how to balance privacy and national security  
interests. On Tuesday, Director of National Intelligence Dennis C.  
Blair called the Google attacks, which the company acknowledged in  
January, a "wake-up call." Cyberspace cannot be protected, he said,  
without a "collaborative effort that incorporates both the U.S.  
private sector and our international partners."

But achieving collaboration is not easy, in part because private  
companies do not trust the government to keep their secrets and in  
part because of concerns that collaboration can lead to continuous  
government monitoring of private communications. Privacy advocates,  
concerned about a repeat of the NSA's warrantless interception of  
Americans' phone calls and e-mails after the Sept. 11, 2001, terrorist  
attacks, say information-sharing must be limited and closely overseen.

"The critical question is: At what level will the American public be  
comfortable with Google sharing information with NSA?" said Ellen  
McCarthy, president of the Intelligence and National Security  
Alliance, an organization of current and former intelligence and  
national security officials that seeks ways to foster greater sharing  
of information between government and industry.

On Jan. 12, Google took the rare step of announcing publicly that its  
systems had been hacked in a series of intrusions beginning in December.

The intrusions, industry experts said, targeted Google source code --  
the programming language underlying Google applications -- and  
extended to more than 30 other large tech, defense, energy, financial  
and media companies. The Gmail accounts of human rights activists in  
Europe, China and the United States were also compromised.

So significant was the attack that Google threatened to shutter its  
business operation in China if the government did not agree to let the  
firm operate an uncensored search engine there. That issue is still  
unresolved.

Google approached the NSA shortly after the attacks, sources said, but  
the deal is taking weeks to hammer out, reflecting the sensitivity of  
the partnership. Any agreement would mark the first time that Google  
has entered a formal information-sharing relationship with the NSA,  
sources said. In 2008, the firm stated that it had not cooperated with  
the NSA in its Terrorist Surveillance Program.

Sources familiar with the new initiative said the focus is not  
figuring out who was behind the recent cyberattacks -- doing so is a  
nearly impossible task after the fact -- but building a better defense  
of Google's networks, or what its technicians call "information  
assurance."

One senior defense official, while not confirming or denying any  
agreement the NSA might have with any firm, said: "If a company came  
to the table and asked for help, I would ask them . . . 'What do you  
know about what transpired in your system? What deficiencies do you  
think they took advantage of? Tell me a little bit about what it was  
they did.' " Sources said the NSA is reaching out to other government  
agencies that play key roles in the U.S. effort to defend cyberspace  
and might be able to help in the Google investigation.

These agencies include the FBI and the Department of Homeland Security.

Over the past decade, other Silicon Valley companies have quietly  
turned to the NSA for guidance in protecting their networks.

"As a general matter," NSA spokeswoman Judi Emmel said, "as part of  
its information-assurance mission, NSA works with a broad range of  
commercial partners and research associates to ensure the availability  
of secure tailored solutions for Department of Defense and national  
security systems customers."

Despite such precedent, Matthew Aid, an expert on the NSA, said  
Google's global reach makes it unique.

"When you rise to the level of Google . . . you're looking at a  
company that has taken great pride in its independence," said Aid,  
author of "The Secret Sentry," a history of the NSA. "I'm a little  
uncomfortable with Google cooperating this closely with the nation's  
largest intelligence agency, even if it's strictly for defensive  
purposes."

The pact would be aimed at allowing the NSA help Google understand  
whether it is putting in place the right defenses by evaluating  
vulnerabilities in hardware and software and to calibrate how  
sophisticated the adversary is. The agency's expertise is based in  
part on its analysis of cyber-"signatures" that have been documented  
in previous attacks and can be used to block future intrusions.

The NSA would also be able to help the firm understand what methods  
are being used to penetrate its system, the sources said. Google, for  
its part, may share information on the types of malicious code seen in  
the attacks -- without disclosing proprietary data about what was  
taken, which would concern shareholders, sources said.

Greg Nojeim, senior counsel for the Center for Democracy & Technology,  
a privacy advocacy group, said companies have statutory authority to  
share information with the government to protect their rights and  
property.

More information about the Infowarrior mailing list