The question is how such a system can be set up.
After revelations by former intelligence firm Edward J. Snowden in 2013 that sparked a debate about government surveillance, American tech companies are concerned about the appearance of sharing data with American intelligence agencies, even if that data is just malware warnings. Google was impressed with the revelation in the Snowden documents that the National Security Agency intercepted data transmitted between their overseas servers. A few years later, under pressure from its staff, it ended its participation in Project Maven, a Pentagon attempt to use artificial intelligence to make its drones more accurate.
In contrast, Amazon does not compromise on sensitive government work: It runs the cloud server for the CIA. When the Senate Intelligence Committee last month called on corporate officials to join forces with FireEye, Microsoft and SolarWinds executives to testify how the Russians are using systems on American soil to launch their attacks and declined to participate.
Companies say they would need strong legal liability protection before reporting any vulnerabilities.
The politically tastiest headquarters for such a clearinghouse – while avoiding concerns about legal and civil liberties in using the National Security Agency – would be the Department of Homeland Security’s Agency for Cybersecurity and Infrastructure Security. Mr. Gerstell described the idea as “automated computer sensors and artificial intelligence that act on incoming information and immediately spit it out again”.
The department’s existing Einstein system, which is designed to monitor encroachments and possible attacks on federal agencies, never saw the Russian attack underway – despite the fact that it hit nine federal departments and agencies. The FBI does not have extensive surveillance capabilities by law, and its focus is on other forms of crime, counterterrorism, and now the threats posed by domestic extremism.
“I don’t want the intelligence agencies to spy on Americans, but the FBI remains the de facto domestic intelligence agency dealing with such attacks,” said Senator Angus King, an independent member of the Maine Senate Intelligence Committee, co-chair of the Cyberspace Commission . “I’m just not sure they’re set up for it.”
There are other hurdles. The process of obtaining a search warrant is too cumbersome to track nation-state cyberattacks, Gerstell said. “Someone needs to be able to take this information from the NSA and look at that computer right away,” he said. “But the FBI needs an arrest warrant, and it takes time for the enemy to escape.”