Emails shed light on Google's work with NSA
Exchanges between NSA director and Google execs suggest cooperation on data security
Computerworld - Two sets of emails obtained by Al Jazeera America under a Freedom of Information Act request suggest that Google's cooperation with the National Security Agency (NSA) may have been less coerced than the company has let on.
The emails date back to June 2012 and chronicle communications between NSA director General Keith Alexander and Google executives Eric Schmidt and Sergey Brin.
In one email, Alexander refers to a previous meeting between NSA and Google officials and then invites Schmidt to a four-hour "topic-specific" and "decision-oriented" classified briefing on mobile threats and security.
"Google's participation in refinement, engineering and deployment of the solutions will be essential," Alexander said in the missive.
In response, Schmidt professes his delight at meeting Alexander recently while noting his inability to attend the meeting because of a prior engagement. "Would love to see you another time," Schmidt says in an email.
Alexander's email refers to a government/industry information sharing initiative called the Enduring Security Framework (ESF), which was launched in 2009 by the Department of Homeland Security, U.S. Department of Defense and the CEOs of 18 technology companies.
Alexander notes in the email that under the ESF initiative, the NSA worked with several top tech companies, including Intel, AMD, Dell, HP and Microsoft, to address a security threat in the BIOS of several enterprise systems.
In an interview on the television news program 60 Minutes last December, NSA cyber defense director Debora Plunkett outlined details of the BIOS threat referred to in the letter. Plunkett said a state-sponsored group in China created a BIOS plot to "brick", or destroy, systems in the U.S. and the NSA joined with top tech firms to address the threat.
In the email to Schmidt, Alexander also sought Google's help in addressing mobile security threats. "A group (primarily Google, Apple and Microsoft) recently came to agreement on a set of core security practices," Alexander wrote.
The classified meeting was to provide the CEOs of these companies with information on how they could mitigate specific threats to their mobile technologies, he said.
In an email addressed to Brin, Alexander expresses his appreciation for the contributions to the ESF effort made by several top Google technologists, including Vint Cerf, vice president and Chief Internet Evangelist, and Eric Grosse, vice president of security engineering. "You insights as a key member of the Defense Industrial Base are valuable to ensure that ESF's efforts have a measurable impact," Alexander aid.
A Google spokeswoman today said the company worked with a range of experts, including those from the government, to protect users from cyberattacks. "We work really hard to protect our users from cyberattacks and we talk to outside experts, including occasionally in the US government, to ensure we stay ahead of the game."
- Google updates the Maps Explore Nearby feature -- for some users
- Chrome gets sharp after dumping 30-year-old Windows technology
- Google moves closer to selling smart contacts
- Google goes mum on Glass release plans
- Samsung Gear Live vs. LG G Watch: A real-world evaluation
- Android Wear deep-dive review: A smart start to smartwatch software
- Google's Larry Page talks of killing the 40-hour work week
- Google terminates Quickoffice apps on Android, iOS
- Google I/O looks to be about more than Android
- Google eyes 3D vision tech for experimental tablet
- EndPoint Interactive eGuide In this eGuide, Network World, Computerworld, and CIO examine two endpoint trends - BYOD and collaboration - and offer tips and advice on...
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- Cybersecurity Imperatives: Reinvent your Network Security The Rise of CyberSecurity
- Surescripts Case Study- Securing Keys and Certificates Surescripts implemented Venafi's Trust Protection Platform™ to secure digital keys and certificates, ensure the privacy and confidentiality of electronic clinical information for its...
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!