WASHINGTON (AP) — The White House is setting up a new agency designed to coordinate cyberthreat intelligence that currently is spread across the federal government.
The agency will be modeled after the National Counter Terrorism Center, which was established after 9/11 to coordinate terrorism intelligence. The lack of such an agency before led to missed opportunities to thwart the 2001 terrorist attacks.
Lisa Monaco, assistant to the president for homeland security and counterterrorism, announced the new “Cyber Threats Intelligence Integration Center” in a speech Tuesday at the Wilson Center in Washington.
U.S. companies have been buffeted by a series of damaging cyber incidents in recent years — some from nation states, others from criminal groups. Government expertise in analyzing the various cyberthreats resides in a number of agencies, including the FBI, the Department of Homeland Security, the National Security Agency and U.S. Cyber Command.
White House cybersecurity coordinator Michael Daniel has concluded that cyberintelligence at the moment is bedeviled by the same shortcomings that afflicted terrorism intelligence before 9/11 — bureaucracy, competing interests, and no streamlined way to combine analysis from various agencies, the official said.
The hack on Sony’s movie subsidiary, for example, resulted in a variety of different analytical papers from various agencies. Each one pointed to North Korea, but with varying degrees of confidence.
Unlike the National Counter Terrorism Center, which gets most of its information from intelligence agencies, the new cyberagency may rely to a much larger extent on private companies, which are regularly seeing and gathering cyberintelligence as they are hit with attempts by hackers to break into their networks.
Gathering threat signatures, and profiling hacker groups, has become a key component of collecting cyberintelligence — a discipline practiced both by government agencies and private firms.
U.S. intelligence officials have been warning about the dangers of cyberattacks for years, and the public is starting to pay close attention.
Fifty-seven percent of Americans in a new Associated Press-GfK poll conducted Jan. 29-Feb 2 think there is an extremely or somewhat high risk of a foreign country or terrorist group making a major cyberattack on computer systems inside of the United States. That is more than the 50 percent who say the risk of a terrorist attack is somewhat or extremely high.