Three U.S. Internet service providers are working with the National Security Agency to filter the Internet traffic flowing to 15 defense contractors in an effort to block hacker attacks, according to The Washington Post. The pilot program began last month on a voluntary basis and uses the high-tech spying agency’s data sets to identify malicious programs that hackers try to send to infect the contractors’ networks.
The network providers are AT&T, Verizon, and CenturyLink.
The defense contractors participating in the project include CSC, Lockheed Martin, Northrop Gruman and SAIC.
The Post quotes Deputy Defense Secretary William J. Lynn III as saying that he hopes that the program will be extended to protect other parts of critical U.S. infrastructure.
The program took a year to launch because both the NSA and the contractors had to work through privacy and national security issues.
Both sides say they had to make sure that the system complied with privacy concerns. The NSA was worried about classified information “getting in the hands of adversaries.”
The prime concern of civil liberties’ advocates and private sector companies is that a project focusing on monitoring networks for malicious code could be used as a surveillance program for other network traffic.
Deputy Defense Secretary Lynn said that the program’s scope is limited:
“The U.S. government will not be monitoring, intercepting or storing any private-sector communications,” Lynn said. “Rather, threat intelligence provided by the government is helping the companies themselves, or the Internet service providers working on their behalf, to identify and stop malicious activity within their networks.”
As the Post notes, the program is just one part of a national strategy to defend against cyberattacks.
“Although this NSA technology is more sophisticated than traditional anti-virus programs, it still can screen only for known threats,” notes author Ellen Nakashima.