Emails shed light on Google's work with NSA
Exchanges between NSA director and Google execs suggest cooperation on data security
Computerworld - Two sets of emails obtained by Al Jazeera America under a Freedom of Information Act request suggest that Google's cooperation with the National Security Agency (NSA) may have been less coerced than the company has let on.
The emails date back to June 2012 and chronicle communications between NSA director General Keith Alexander and Google executives Eric Schmidt and Sergey Brin.
In one email, Alexander refers to a previous meeting between NSA and Google officials and then invites Schmidt to a four-hour "topic-specific" and "decision-oriented" classified briefing on mobile threats and security.
"Google's participation in refinement, engineering and deployment of the solutions will be essential," Alexander said in the missive.
In response, Schmidt professes his delight at meeting Alexander recently while noting his inability to attend the meeting because of a prior engagement. "Would love to see you another time," Schmidt says in an email.
Alexander's email refers to a government/industry information sharing initiative called the Enduring Security Framework (ESF), which was launched in 2009 by the Department of Homeland Security, U.S. Department of Defense and the CEOs of 18 technology companies.
Alexander notes in the email that under the ESF initiative, the NSA worked with several top tech companies, including Intel, AMD, Dell, HP and Microsoft, to address a security threat in the BIOS of several enterprise systems.
In an interview on the television news program 60 Minutes last December, NSA cyber defense director Debora Plunkett outlined details of the BIOS threat referred to in the letter. Plunkett said a state-sponsored group in China created a BIOS plot to "brick", or destroy, systems in the U.S. and the NSA joined with top tech firms to address the threat.
In the email to Schmidt, Alexander also sought Google's help in addressing mobile security threats. "A group (primarily Google, Apple and Microsoft) recently came to agreement on a set of core security practices," Alexander wrote.
The classified meeting was to provide the CEOs of these companies with information on how they could mitigate specific threats to their mobile technologies, he said.
In an email addressed to Brin, Alexander expresses his appreciation for the contributions to the ESF effort made by several top Google technologists, including Vint Cerf, vice president and Chief Internet Evangelist, and Eric Grosse, vice president of security engineering. "You insights as a key member of the Defense Industrial Base are valuable to ensure that ESF's efforts have a measurable impact," Alexander aid.
A Google spokeswoman today said the company worked with a range of experts, including those from the government, to protect users from cyberattacks. "We work really hard to protect our users from cyberattacks and we talk to outside experts, including occasionally in the US government, to ensure we stay ahead of the game."
- Google updates the Maps Explore Nearby feature -- for some users
- Chrome gets sharp after dumping 30-year-old Windows technology
- Google moves closer to selling smart contacts
- Google goes mum on Glass release plans
- Samsung Gear Live vs. LG G Watch: A real-world evaluation
- Android Wear deep-dive review: A smart start to smartwatch software
- Google's Larry Page talks of killing the 40-hour work week
- Google terminates Quickoffice apps on Android, iOS
- Google I/O looks to be about more than Android
- Google eyes 3D vision tech for experimental tablet
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!