U.S. creates new agency to lead cyberthreat tracking

By Warren Strobel

WASHINGTON (Reuters) - Calling the destructive cyberattack on Sony Pictures "a game changer," a top White House official on Tuesday announced a new intelligence unit to coordinate analysis of cyberthreats, modeled on similar U.S. government efforts to fight terrorism.

Lisa Monaco, President Barack Obama's homeland security and counterterrorism adviser, said the new agency will rapidly pool and disseminate data on cyberbreaches, which she said are ballooning in size and sophistication, to U.S. agencies.

"Currently, no single government entity is responsible for producing coordinated cyber threat assessments" and sharing the information rapidly, Monaco said in remarks at the Wilson Center think tank in Washington.

The new agency, the Cyber Threat Intelligence Integration Center, "is intended to fill these gaps," she said.

Obama has moved cybersecurity to the top of his 2015 agenda after recent hacking attacks against Sony, Home Depot Inc, Anthem Inc and Target Corp as well as the federal government itself.

U.S. officials have described the Sony attack as particularly worrying because hackers stole data, debilitated computers and pressured the studio to halt release of a satirical film about North Korean leader Kim Jong-un. The FBI took the unusual step of publicly accusing North Korea of being behind the cyberattack.

Obama will host a "cyber summit" with industry and government leaders at Stanford University in California on Friday.

Industry executives lauded Obama's increased focus on cybersecurity, but some questioned whether a new government agency is the answer, and whether it should be part of the secretive U.S. intelligence community.

Responsibility for cybersecurity is already spread across the U.S. government, including the National Security Agency, Department of Homeland Security, FBI, and the U.S. military's Cyber Command.

"Is this going to be effective? Is it another reorg(anization)?" said Amit Yoran, president of security firm RSA.

Still, Yoran said, the series of high-profile attacks showed that change was needed. "We aren't getting the cyber job done," he said.

"I do think it is redundant," said Tom Kellermann, chief cybersecurity officer at Trend Micro Inc. "You don't necessarily need a new center," he said, noting the existence of a similar Homeland Security unit that shares cyberthreat information with the private sector.

Monaco rejected the criticism. She said the new unit, which is expected to be relatively small, will not overlap existing agencies that have operations that investigate and disrupt cyberattacks. Instead it will rapidly feed them timely intelligence.

"This is filling a critical gap," she said.

Rep. Michael McCaul, chairman of the House Committee on Homeland Security, welcomed efforts to improve U.S. government coordination on cyberbreaches.

"Streamlining the process by which information is shared between the intelligence community and civilian government counterparts ... is a good first step," the Texas Republican said in a statement.

Monaco renewed a White House plea for Congress to pass legislation encouraging companies to share data from cyberattacks with the government and with each other.

Past efforts were stymied by liability issues and privacy concerns. Last month, Obama proposed legislation to strike a balance, offering liability protection to companies that provide information in near real time to the government, while requiring them to delete personal data.

(Additional reporting by Doina Chiacu, Mark Hosenball and Jim Finkle; Editing by Susan Heavey and Jeffrey Benkoe)