Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

NSA ‘Perfect Citizen’ Program Documents Released, Report

A National Security Agency (NSA) program designed to discover security vulnerabilities at critical infrastructure companies is in full swing, according to documents reportedly obtained by the Electronic Privacy Information Center (EPIC).

A National Security Agency (NSA) program designed to discover security vulnerabilities at critical infrastructure companies is in full swing, according to documents reportedly obtained by the Electronic Privacy Information Center (EPIC).

The program, dubbed ‘Perfect Citizen‘, was unmasked in 2010 in a report by the Wall Street Journal that claimed it involved sensors that monitored networks at critical infrastructure companies. At the time however, the NSA stated publicly the program did not involve “the monitoring of communications or the placement of sensors on utility company systems,” and that the project provided a set of technical solutions to help the NSA understand “threats to national security networks.”

According to CNET, using a Freedom of Information Act (FOIA) request, EPIC obtained 190 pages of files on Perfect Citizen, at least 98 of which were completely deleted for security reasons. The portions that were readable showed that defense company Raytheon received a $91 million contract to build Perfect Citizen and was authorized to hire up to 28 hardware and software engineers to analyze and document vulnerability research against control systems and devices.

The program is slated to continue through at least 2014, according to CNET.

Marc Rotenberg, executive director of EPIC, told CNET that the documents may help disprove the NSA’s claims that Perfect Citizen doesn’t involve monitoring private networks.

This year has seen multiple reports of the U.S. expanding its efforts to defend cyberspace and develop offensive weapons, including reports about malware such as Stuxnet and Flame linking to secret operations involving the NSA and other agencies. The U.S. has not officially admitted to using cyberweapons in the wild. However, earlier this year, the Washington Post reported the Pentagon was accelerating plans to develop cyberweapons, and that the amount of spending disclosed by the Pentagon on cybersecurity initiatives and technology in 2012 was $3.4 billion.

“If your defense is only to try to block attacks you can never be successful,” General Keith Alexander, director of the National Security Agency and commander of the US Cyber Command, told a Washington symposium in October.

Advertisement. Scroll to continue reading.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Cyberwarfare

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cyberwarfare

Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.

Cyberwarfare

ENISA and CERT-EU warn of Chinese threat actors targeting businesses and government organizations in the European Union.