The NSA is working on an autonomous online defense system

More than a year after Edward Snowden first spilled the beans on the NSA’s digital surveillance practices, you wouldn’t think that he had much left to reveal. In an interview with Wired, however, the former spy has revealed that the agency is building an autonomous online defense system that will, not only crush digital attacks on the US, but could also launch digital retaliations in the blink of an eye. The in-no-way-ominously-named MonsterMind is designed to scour metadata databases, analyzing the traffic patterns in a way that’d make malicious traffic stand out. Foreign attackers launching DDoS or malware attacks against financial institutions, infrastructure or government systems could then be identified, and blocked.

Edward Snowden has made us painfully aware of the government’s sweeping surveillance programs over the last year. But a new program, currently being developed at the NSA, suggests that surveillance may fuel the government’s cyber defense capabilities, too. The NSA whistleblower says the agency is developing a cyber defense system that would instantly and autonomously neutralize foreign cyberattacks against the US, and could be used to launch retaliatory strikes as well. The program, called MonsterMind, raises fresh concerns about privacy and the government’s policies around offensive digital attacks. Although details of the program are scant, Snowden tells WIRED in an extensive interview with James Bamford that algorithms would scour massive repositories of metadata and analyze it to differentiate normal network traffic from anomalous or malicious traffic. Armed with this knowledge, the NSA could instantly and autonomously identify, and block, a foreign threat. Cryptographer Matt Blaze, an associate professor of computer science at the University of Pennsylvania, says if the NSA knows how a malicious algorithm generates certain attacks, this activity may produce patterns of metadata that can be spotted.