NSA data mining can help stop cybercrime, analysts say
WASHINGTON — The huge volume of telephone records turned over to the U.S. government could help investigators identify and deter a range of terrorist acts, including cyberattacks, analysts say.
“Once you have this big chunk of data and you have it forever… you can do all sorts of analytics with it using other data sources,” said Joseph DeMarco, former head of the cybercrime unit in the U.S. attorney’s office in New York City. “A data set like this is the gift that keeps on giving,” said DeMarco, a partner at the law firm DeVore & DeMarco.
The government obtained an order from the Foreign Intelligence Surveillance Court ordering a Verizon subsidiary to turn over phone records to the National Security Agency. The records do not include the content of phone calls and the order does not authorize eavesdropping.
Still, the information can be helpful to investigators looking for patterns, linking people and networks. Also, phone numbers can be attached to computers, allowing hackers to get into networks through telephone lines. The data can also be viewed against other databases that help investigators see patterns and links among people and networks.
“All the data is critical,” said Robert Rodriguez, a cybersecurity expert and former Secret Service agent.
The government considers many cyberattacks to be acts of terror, DeMarco said. “The definition of terrorism includes cyberterrorism,” he said.
The court order also raises questions about the relationship between the government and industry at a time when so much critical infrastructure, such as power grids and banking, is in the hands of industry and may be vulnerable to cyberattack.
In the Verizon case, the NSA got a court order to get the phone records. But to combat cyberattacks, the government has been struggling with ways to compel more cooperation between government and industry. President Obama issued an executive order this year aimed at encouraging the sharing of information, such as reports of attacks on industry and threat information.
The White House has said that legislation is also needed to develop a strong defense against cyberattacks. A key provision lawmakers are considering would include civil protections so that private companies could not be held liable for turning information over to the government.
A similar provision was included in the 2008 reauthorization of the Foreign Intelligence Surveillance Act, the 1978 law that created the court that approved the NSA’s Verizon request.