“Perfect Citizen” is the code name for a new government-sponsored program aimed at detecting cyber attacks targeting private and government agencies that run the critical U.S. national infrastructure. Or, at least, so claims a source for The Wall Street Journal.
The program should involve the installation and monitoring of sensors on the computer networks through which the infrastructure is managed, and should be set up to be triggered when they detect unusual activity that could indicate an imminent cyber attack.
The source says that a $100 million contract for the initial phase of the program has been already awarded to defense contractor Raytheon, although both the NSA and Raytheon refused to comment when asked about details.
What seems a very logical step for the government, the federal agencies and the intelligence community, might not seem so natural for the companies and agencies whose networks will be monitored – not to mention for the larger public. The NSA claims that it won’t use the sensors to monitor whole systems, but I bet there will be a lot of people out there that would consider it an empty promise.
The program will especially aim to monitor older computer control systems, since they have been but in place when an Internet connection was not the norm and cyber security was almost an unknown concept. All those systems are now linked to the Internet and are exposed to attacks.
Many may wonder if the government or the NSA have the right to force companies to comply with this program, and the answer is no. But, they can provide incentives for cooperation, especially if the government is a big buyer of their services.