Major elements of the Bush administration's proposed $17 billion "cyber security" initiative have little to do with protecting government networks, and a lot to do with spying, according to a budget report released by the Senate Armed Services Committee this week.

The so-called National Cyber Security Initiative is also wrapped in unnecessary secrecy, and would spend billions on unproven, embryonic technology, and possibly illegal or ill-advised projects, according to the analysis – which is part of a broad look at the proposed 2009 defense budget.

"[S]ome of the projects support foreign intelligence collection and analysis generally rather than the cyber security mission particularly," the report concludes. "That is not to say that the proposed projects are not worthwhile, but rather that what will be achieved for the more than $17 billion planned by the administration to secure the government's networks is less than what might be expected."

After years of being lambasted for ignoring cyber security, in the last six months, the Bush administration has embraced the project of locking down government networks with the zeal of a convert. Top officials have been rallying support for the huge expenditure, with hyped claims of information warfare, cyber terrorism and spying. The U.S. Air Force, the Department of Homeland Security, the NSA and the FBI are all jostling for a piece of the cyber-security action.

While many of the specifics of the plan are classified, U.S. intelligence chief Michael McConnell told the New Yorker in January that he wants the National Security Agency to begin eavesdropping on the internet, and a McConnell aide said the spy agency was prepared to examine the content of e-mails, file transfers and Google searches without a warrant.

The purported goal of the National Cyber Security Initiative is to reduce the vulnerability of federal government networks to attacks and intrusions by extending the tools that currently protect classified networks to all federal government networks. The unclassified portion of the project also seeks to simplify the task of patrolling the government's e-perimeter by reducing the number of connections to the internet from more than 2,000 to 50.

The move includes putting the NSA in charge of monitoring and protecting civilian sites such as the Internal Revenue Service and the Social Security Administration.

But according to the Armed Services Committee's analysis, there's a lot of spying being proposed under the guise of e-security.

That confirms THREAT LEVEL's suspicions that the highly classified proposal could have far-ranging implications for the internet generally, especially as the government contemplates becoming the firewall for all Americans on the net.

The committee's report also faults the administration for over-classifying the project, which was launched with a still-classified presidential directive signed in January. Even most non-classified information about the project is stamped "For Official Use Only,", the report notes, effectively keeping the whole project hidden from healthy public debate.

"These restrictions preclude public education, awareness, and debate about the policy and legal issues, real or imagined, that the initiative poses in the areas of privacy and civil liberties," reads the report.

The Armed Services Committee was briefed on the project, which puts it far ahead of the Senate Homeland Security Committee, which early in May was reduced to writing a public letter to beg for the most basic information about the cyber plans.

The secrecy can also backfire in other ways, according to the report. For instance, if the government plans to build the capability to strike back at adversaries who try to bring down a government website, the response tool has no deterrent effect if its very existence is secret.

"It is difficult to conceive how the United States could promulgate a meaningful deterrence doctrine if every aspect of our capabilities and operational concepts is classified."

Photo: Director of National Intelligence Michael McConnell, one of the drivers behind the government's newfound interest in cyber security. Credit: AP/Cook

See Also:

Via Stephen Aftergood's Secrecy Project.