Government to share cyber-vulnerabilites info with private sector

DHS is developing a system to use classified information gleaned on vulnerabilites to protect businesses


Natasha Lennard
May 16, 2013 9:29PM (UTC)

Reuters reported Wednesday that for the first time, classified information about cyber-vulnerabilities in the U.S. will be used to protect private businesses outside the military industrial complex. The Department of Homeland Security plans to facilitate a multi-agency process through which secret information gleaned about possible software flaws vulnerable to attack can be passed on to the private sector. The new proposal complements the already widespread (but largely unspoken of) government practice of mass-buying tools that so-called zero-day exploits -- hacker tools designed to take advantage of software vulnerabilities.

Via Reuters:

Advertisement:

Secretary of Homeland Security Janet Napolitano said that a system being developed to scan Internet traffic headed toward critical businesses would block attacks on software programs that the general population does not realize are possible.

"It is a way to share information about known vulnerabilities that may not be commonly available," Napolitano said at the Reuters Cybersecurity Summit in Washington, D.C.

The information would come from "a variety of sources" including intelligence agencies, she said on Tuesday.

The National Security Agency and other intelligence agencies develop and acquire knowledge about software flaws in order to penetrate overseas networks. Until now, there has been no straightforward way for these agencies to share that classified data with U.S. companies outside the defense sector, even though those companies could become victims of cyber attacks.

The plan is to discreetly share the data through what the government calls Enhanced Cybersecurity Services. Under a February presidential order, those services will be offered by telecommunications and defense companies to utilities, banks and other critical infrastructure companies that choose to pay for them.


Natasha Lennard

Natasha Lennard is an assistant news editor at Salon, covering non-electoral politics, general news and rabble-rousing. Follow her on Twitter @natashalennard, email nlennard@salon.com.

MORE FROM Natasha LennardFOLLOW natashalennardLIKE Natasha Lennard

Related Topics ------------------------------------------

Cyber-vulnerabilities Cyberattacks Dhs Hackers Janet Napolitano Nsa Zero Day Exploits

BROWSE SALON.COM
COMPLETELY AD FREE,
FOR THE NEXT HOUR

Read Now, Pay Later - no upfront
registration for 1-Hour Access

Click Here
7-Day Access and Monthly
Subscriptions also available
No tracking or personal data collection
beyond name and email address

•••






Fearless journalism
in your inbox every day

Sign up for our free newsletter

• • •