The federal government is not having the best time with cybersecurity of late.
A $3 billion cybersecurity system for the Department of Homeland Security is currently being held up over liability concerns from AT&T. The plan is the third version of the “Einstein Program,” a system that protects federal networks. This third iteration, E3A, would scan traffic leaving or entering federal networks for malware, and block suspicious traffic before it arrived.
The government has recently experienced several embarrassing reports of security breaches in their networks. The federal weather network, the State Department, and the Postal Service all suffered cyberattacks from suspected Chinese hackers in the last two months, while the White House network was breached by hackers originally thought to have ties to the Russian government.
The State Department was forced to shut down its entire unclassified email system as a consequence of the attack. The USPS hacking compromised the personal information of over 800,000 Postal Service employees. The White House attack left the system encountering problems for at least two weeks, according to one report.
House Homeland Security Chairman Michael McCaul( R-Texas) has said that reported data breaches in the federal government doubled between 2009 and 2013.
According to a report in Politico, the new Einstein system has been held up for two years because AT&T, one of several companies involved in its production, refuses to sign a contract without liability protection. Two other companies, CenturyLink and Verizon, are already under contract for it, without the liability protection AT&T demands.
Anonymous sources told Politico AT&T “fears being held liable should malware matching a signature loaded into the Einstein system slip through to customers.”
Privacy concerns have been raised about the new Einstein system for years. The program would examine the activity of anyone who visited a government website or sent an email to a government employee, raising the question of how private data could be protected.
