NSA's 'Perfect Citizen' power grid security plan far from perfect

The National Security Agency (NSA) calls its semi-secret technology to protect the nation's power grid "Perfect Citizen." But it's far from perfect in the eyes of privacy advocates, who find it somewhat odd and amusing, but mostly disturbing.

It's semi-secret because the existence of the program, designed to protect against a crippling cyberattack, has been public since July 2010, when The Wall Street Journal published a report on it describing its overall mission and noting that a five-year, $91 million contract had been awarded to the defense contractor Raytheon.

But virtually all other details about the program are secret, including any information on whether the technology will allow any kind of domestic data collection on citizens. NSA vigorously denies that it will.

In a statement first issued in 2010 and then reissued last week to Mark Clayton of the Christian Science Monitor, the agency said the contract with Raytheon "does not involve the monitoring of communications or the placement of sensors on utility company systems."

Computerworld reported in 2010 that NSA called Perfect Citizen a "research program." But the entire 188-page contract, recently released to the Electronic Privacy Information Center (EPIC) under a 2010 Freedom of Information Act request, came with about half of the pages redacted.

The documents show Raytheon was authorized to hire 28 software engineers, program managers, and laboratory staff, including two penetration testers who, Clayton wrote, were assigned to "discover vulnerabilities that lie in the electronic interface that connects the computer networks of utility companies. Then the team can come up with software and hardware plugs to patch those digital holes."

Michelle Richardson, legislative counsel for the American Civil Liberties Union (ACLU), noted that the amount of detail left out makes it hard to tell what's going on. "They've redacted things like job descriptions," she said. "The task orders say things like, 'Expanding the technical capacity of the (blank) workforce.'"


Richardson said the documents don't answer fundamental privacy questions, such as: Do the monitoring and countermeasures under development interact with the public Internet and everyday Internet users' data? If so, why? And what will be done with it?

Both Richardson and Rebecca Herold, CEO of The Privacy Professor, laud the idea of protecting the power grid, but say they find the name of the program strange, and a bit creepy.

"'Perfect Citizen' does not lend itself to harboring trust in the NSA's actions," Herold said. "It sounds like a program used to separate those who are perfect citizens from those who are terrorists."

"Such a binary perception of separating the general population into two different groups lends itself to suspicions of what kinds of activities are really going on," she added.

C. Robert Kline, who formerly worked for the NSA and is now president and managing member of Kline Technical Consulting, noted that while the Federal Energy Regulatory Commission (FERC) has primary responsibility for the national power grid, "NSA is in part commanded to ensure security for U.S. government information and communication systems."

Herold said the lack of transparency "justifiably raises concerns about how that goal will be met."

"What types of vulnerability assessments and big data analysis will involve consumer energy usage data and consumer personal information?" she asked. "The lack of any meaningful detailed information about these actions understandably raises privacy concerns."

Herold added that NSA's declaration that it complies with all existing U.S. laws regarding monitoring and data collection is not reassuring, given there are none. "There are no current federal regulations governing monitoring for, or use of, power grid data," she said. "There is much regarding personal activities, lifestyles, etc., that can be derived from data that do not contain what has been traditionally considered personal information."

Richardson said the NSA was adding to the confusion by not defining some alarming terms used in the plan. "What do they mean by sensors?" she asked. "If they're looking for IP addresses of people overseas, then a sensor is not a huge problem. But if they're copying all traffic that crosses a system, it's not justifiable."

Another reason for privacy advocates to be uneasy about NSA's assurances is William Binney, a whistleblower who worked for NSA for 32 years and resigned in protest in 2001 after the Bush administration launched a top-secret surveillance program to spy on U.S. citizens without warrants.

In recent interviews, Binney said the U.S. is collecting and storing every electronic activity of its citizens. He estimated the number of documents at more than 20 trillion, and said spying on citizens has gotten worse under President Obama than it was under Bush.

"The NSA, and Raytheon, should provide transparency for their activities," Herold said. "And they can certainly do so without compromising their anti-terrorist efforts."

"They should be able to describe the types of data being monitored, analyzed and accessed, and also answer whether they will be obtaining data that relates to specific consumer locations and activities," she added.
