Last week, the Senate Intelligence Committee reported a bill that would require the government to disclose information about the intrusion detection system for government computers that has been dubbed, "Einstein." Section 340 of the Intelligence Committee's Intelligence Authorization Act for FY 2010 (S. 1494) would require the government to report to Congress about privacy impact of Einstein, the legal authority supporting it, and about any audits that have been conducted on its operations. The bill, and recent press accounts, prompt CDT to ask the Administration to reveal more about Einstein.
There's no doubt that the government needs better cybersecurity immediately. Malicious code has been found in the computers that run the electric power grid, and terabytes of data about the Pentagon's $300 billion F-35 Joint Strike Fighter jet were recently stolen by computer spies.
Einstein is designed to partially meet this need for civilian government computer networks. It operates to detect malicious code in communications with the government. The latest iteration - Einstein 3 - reportedly can scan the content of such communications and, using technology based on a National Security Agency system called "Tutelage," can intercept the malicious computer code before it even reaches the government system.
Read more »