Details of “Einstein” Cyber Shield Disclosed by White House

[tptacek]

"The program is designed to look for indicators of cyber attacks by digging into all Internet communications, including the contents of emails, according to the declassified summary."

... in federal government networks.

[rmorrison]

The program was initially called SkyNet, but after a perceptive Hollywood writer stumbled upon it, they renamed it after the lovable, huggable historical figure.

[djcapelis]

Some more details from related documents here: http://www.whitehouse.gov/cyberreview/documents

I've been reading through these as I get spare time. Some of them contain a couple interesting nuggets. Others are pretty useless.

The page for all the stuff released by the whitehouse is here: http://www.whitehouse.gov/cybersecurity/

[barrkel]

Frankly, I don't think this is possible. Just because the attack vector is via machines doesn't mean that the weakness isn't human, via social engineering.

[colonelxc]

Phishing attacks often come in waves or "campaigns", the quicker you can identify a new phishing strain, the quicker you can develop filters for it.

That way, maybe only 25% of the intended recipients even see a particular phishing attack before you eradicate it. Though you probably still got owned, you have a lot less owned machines.

[barrkel]

I would expect attacks on high-value targets in espionage etc. cases to be extremely specific and precisely tailored. I'd expect exactly one intended recipient of any given phishing attempt, and no patterns.