CybersecurityU.S. to help protect private companies from malicious cyberattacks

The U.S. government said it will help protect private companies from cyber attacks.

CNBC reports that DHS secretary Janet Napolitano said a system is being developed which will monitor Internet traffic directed to critical infrastructure businesses and block attacks on software programs.

“It is a way to share information about known vulnerabilities that may not be commonly available,” Napolitano said at the Reuters Cybersecurity Summit in Washington, D.C.

The government will quietly share the data through what the government is calling Enhanced Cybersecurity Services. The February 2013 presidential executive order calls for these services to be offered to utility companies, banks, and other critical infrastructure, but the companies selecting these services will have to pay for it.

The screening of Internet traffic would also employ methods known to government agencies, but which have not been disclosed to the general public. DHS will receive information from the NSA and other sources, and distribute it to service providers, who will then use “attack signatures” to detect and block malicious traffic.

House of Representatives Intelligence Committee chairman Mike Rogers(R-Michigan) said he supports the plan.

“This can’t happen if you post it on a website,” Rogers, the lead author of a cybersecurity information-sharing bill that has passed the House, said at the Summit. “We have to find a forum in which we can share it, and 10 providers serve 80 percent of the market. We have classified relationships with a good number of them.”

Michael Daniel, the White House cybersecurity policy coordinator, said the Enhanced Cybersecurity Services program was still evolving and the type of information shared would change as threats do.

“We want to use the full capabilities that we have to protect as much of the critical infrastructure as we can with that program,” Daniel told the Summit.