TweakTown
Tech content trusted by users in North America and around the world
6,248 Reviews & Articles | 40,748 News Posts
TRENDING NOW: Rockstar rumored to announce Grand Theft Auto: San Andreas 2 soon

DHS' new intrusion detection and prevention system raises security concerns

DHS talk of their new EINSTEN 3 Accelerated security system, privacy concerns are now raised

| Hacking & Security News | Posted: Apr 26, 2013 9:30 am

Cyberthreats are the new way of slowly removing citizens' privacy, and now the Department of Homeland Security (DHS) is preparing to deploy a very powerful new version of their EINSTEIN intrusion-detection system that is built to detect attacks and malware, especially when it comes to e-mail.

 

TweakTown image news/2/9/29975_07_dhs_new_intrusion_detection_and_prevention_system_raises_security_concerns.jpg

 

But because this new version of EINSTEIN is able to read electronic content, it is raising privacy concerns. DHS has recognized this, and have just issued a "privacy impact assessment" on what they're calling EINSTEIN 3 Accelerated, the intrusion detection and prevention system that is expected to be made available as a managed security service from ISPs to monitor the ".gov" traffic to and from civilian agencies and Executive Branch departments.

 

The DHS has said that EINSTEIN 3 might be able to collect "personally identifiable information" (PII) in some instances where this network security system will not just monitor but also prevent threats by clocking traffic in order to detect a cyberthreat or potential cyberthreat.

 

EINSTEIN 3 will include packet-inspection tools that "allow an analyst to look at the content of the threat data, which enables a more comprehensive analysis. Packet capture may contain information that could be considered PII-like malicious data from or associated with email messages or attachments".

 

In their privacy-impact statement, the DHS acknowledges EINSTEIN 3's threat-prevention capabilities, stating that it "may include deep-packet inspection by ISPs. DHS will approve indicators to be transferred to ISPs for deployment in E3A to ensure that indicators are specific to a particular type of traffic and are not overly broad in their data collection requirements".

 

The story is quite long, and we definitely suggest taking a look at it, at Network World.

NEWS SOURCES:Networkworld.com

Related Tags

Further Reading: Read and find more Hacking & Security news at our Hacking & Security news index page.

Do you get our news RSS feed? Get It!

Got an opinion on this news? Post a comment below!

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases