Edward Snowden has made us painfully aware of the government's sweeping surveillance programs over the last year. But a new program, currently being developed at the NSA, suggests that surveillance may fuel the government’s cyber defense capabilities, too.

The NSA whistleblower says the agency is developing a cyber defense system that would instantly and autonomously neutralize foreign cyberattacks against the US, and could be used to launch retaliatory strikes as well. The program, called MonsterMind, raises fresh concerns about privacy and the government's policies around offensive digital attacks.

Although details of the program are scant, Snowden tells WIRED in an extensive interview with James Bamford that algorithms would scour massive repositories of metadata and analyze it to differentiate normal network traffic from anomalous or malicious traffic. Armed with this knowledge, the NSA could instantly and autonomously identify, and block, a foreign threat.

Cryptographer Matt Blaze, an associate professor of computer science at the University of Pennsylvania, says if the NSA knows how a malicious algorithm generates certain attacks, this activity may produce patterns of metadata that can be spotted.

"An individual record of an individual flow only tells you so much, but more revealing might be patterns of flows that are indicative of an attack," he says. "If you have hundreds or thousand of flows starting up from a particular place and targeted to a particular machine, this might indicate you're under attack. That's how intrusion detection and anomaly-detection systems generally work. If you have intelligence about the attack tools of your adversary, you may be able to match specific patterns to specific tools that are being used to attack."

Think of it as a digital version of the Star Wars initiative President Reagan proposed in the 1980s, which in theory would have shot down any incoming nuclear missiles. In the same way, MonsterMind could identify a distributed denial of service attack lobbed against US banking systems or a malicious worm sent to cripple airline and railway systems and stop—that is, defuse or kill— it before it did any harm.

More than this, though, Snowden suggests MonsterMind could one day be designed to return fire—automatically, without human intervention—against the attacker. Because an attacker could tweak malicious code to avoid detection, a counterstrike would be more effective in neutralizing future attacks.

Snowden doesn't specify the nature of the counterstrike to say whether it might involve launching malicious code to disable the attacking system, or simply disable any malicious tools on the system to render them useless. But depending on how its deployed, such a program presents several concerns, two of which Snowden specifically addresses in the WIRED story.

First, an attack from a foreign adversary likely would be routed through proxies belonging to innocent parties—a botnet of randomly hacked machines, for example, or machines owned by another government. A counterstrike could therefore run the risk of embroiling the US in a conflict with the nation where the systems are located. What's more, a retaliatory strike could cause unanticipated collateral damage. Before returning fire, the US would need to know what it is attacking, and what services or systems rely upon it. Otherwise, it could risk taking out critical civilian infrastructure. Microsoft's recent move to take down two botnets—which disabled thousands of domains that had nothing to do with the malicious activity Microsoft was trying to stop—is an example of what can go wrong when systems are taken down without adequate foresight.

Blaze says such a system would no doubt take the attribution problem—looking beyond proxies to find exactly where the attack originated—into consideration. "Nobody would build a system like this and be unaware of the existence of decentralized botnet attacks laundered through the systems of innocent users, because that's how pretty much all attacks work," he says. That does not, however, make so-called hackback attacks any less problematic, he says.

The second issue with the program is a constitutional concern. Spotting malicious attacks in the manner Snowden describes would, he says, require the NSA to collect and analyze all network traffic flows in order to design an algorithm that distinguishes normal traffic flow from anomalous, malicious traffic.

"[T]hat means we have to be intercepting all traffic flows," Snowden told WIRED's James Bamford. "That means violating the Fourth Amendment, seizing private communications without a warrant, without probable cause or even a suspicion of wrongdoing. For everyone, all the time."

It would also require sensors placed on the internet backbone to detect anomalous activity.

Blaze says the algorithm scanning system Snowden describes sounds similar to the government's recent Einstein 2 (.pdf) and Einstein 3 (.pdf) programs, which use network sensors to identify malicious attacks aimed at U.S. government systems. If that system were secretly being extended to cover all U.S. systems, without public debate, that would be a concern.

Although MonsterMind does resemble the Einstein programs to a certain degree, it also sounds much like the Plan X cyberwarfare program run by Darpa. The five-year, $110 million research program has several goals, not the least of which is mapping the entire internet and identifying every node to help the Pentagon spot, and disable, targets if needed. Another goal is building a system that allows the Pentagon to conduct speed-of-light attacks using predetermined and pre-programmed scenarios. Such a system would be able to spot threats and autonomously launch a response, the Washington Post reported two years ago.

It's not clear if Plan X is MonsterMind or if MonsterMind even exists. The Post noted at the time that Darpa would begin accepting proposals for Plan X that summer. Snowden said MonsterMind was in the works when he left his work as an NSA contractor last year.

The NSA, for its part, would not respond to questions about the MonsterMind program.