NSA planned automated counterstrikes in cyberattacks
WASHINGTON — The National Security Agency secretly planned a cyberwarfare program that could automatically fire back at cyberattacks from foreign countries without any human involvement, creating the risk of accidentally starting a war, according to a new report based on interviews with former NSA contractor Edward Snowden.
The program, codenamed MonsterMind, would have let the military agency automate the process of "hunting for the beginnings" of a foreign cyberattack, the report said. The software would be constantly on the lookout for digital "traffic patterns" that indicated known or suspected attacks, said the report published this week by Wired magazine.
The report, part of a wide-ranging interview with Snowden in Moscow, described the MonsterMind program as "in the works" and went further than other programs that existed for decades. Without any human involvement, Snowden told the magazine, a counter-attack could be leveled at an innocent party - largely because initial attacks are often routed or diverted through other countries.
"You could have someone sitting in China, for example, making it appear that one of these attacks is originating in Russia. And then we end up shooting back at a Russian hospital," Snowden said. "What happens next?"
The problem of attribution after a cyberattack has long unsettled computer security experts. A House technology subcommittee in 2010 concluded that, "proactively tracing interactions within a system may help determine where an attack originated after one occurs, but tracing every interaction is impractical and quite likely unconstitutional."
Snowden also called the program a major threat to privacy because NSA would first "have to secretly get access to virtually all private communications coming in from overseas to people in the U.S.," said the new report, by NSA expert and author James Bamford.
Snowden remains exiled in Russia since leaking top secret NSA documents to journalists last year. They revealed the NSA was collecting the phone records and digital communications of millions of citizens not suspected of a crime, prompting congressional reform.
The NSA declined to comment on specifics of the Wired report. A spokeswoman, Vanee Vines, instead said: "If Mr. Snowden wants to discuss his activities, that conversation should be held with the U.S. Department of Justice. He needs to return to the United States to face the charges against him."
Snowden is charged under the U.S. Espionage Act and faces up to 30 years in prison for leaking the documents.
The U.S. government has elevated lately the damages of foreign cyberattacks against American interests. In May, the Justice Department brought first-of-its kind cyber-espionage charges against five Chinese military officials accused of hacking into U.S. companies to gain trade secrets.
Snowden also told the magazine that the NSA tried to hack into a major Syrian Internet router in 2012 during the middle of the country's civil war. But he said the NSA mistakenly "bricked" the router — computer-speak for rendering it useless — temporarily crippling Internet access there.