Facing frequent cyber attacks, the US is developing a new generation of tools to scan e-mail and other digital traffic to thwart hacking into defence firms by foreign adversaries, a media report said on Friday.

Since last month, the National Security Agency (NSA), America's largest spy agency and a part of the Defence Department, is working with Internet service providers AT&T, Verizon and CenturyLink on the deployment of the new tools, Washington Post reported.

The novel programme, on a voluntary, trial basis, relies on sophisticated NSA data sets to identify malicious programmes slipped into the vast stream of Internet data flowing to America's largest defence firms.

Such attacks, including one last month against Bethesda -based Lockheed Martin, are nearly constant as rival nations and terrorist groups seek access to US military secrets, the report said.

"We hope the cyber pilot can be the beginning of something bigger," Deputy Defence Secretary William Lynn said at a global security conference in Paris yesterday.

The programme uses NSA-developed "signatures," or fingerprints of malicious code, and sequences of suspicious network behaviour to filter the Internet traffic flowing to major defence contractors. That allows the Internet providers to disable the threats before an attack can penetrate a contractor's servers.

The trial is testing two particular sets of signatures and behaviour patterns that the NSA has detected as threats.

The NSA and Internet carriers are seeking to filter the traffic of 15 defence contractors, including Lockheed, Falls Church-based CSC, McLean-based SAIC and Northrop Grumman.

The contractors have the option, but not the obligation, to report the success rate to the NSA's Threat Operations Centre.

All three of the Internet carriers declined to comment on the pilot programme. Several of the defense contractors declined to comment as well, the report said.

Although this NSA technology is more sophisticated than traditional anti-virus programmes, it still can screen only for known threats. Developing detection and mitigation strategies for emerging new threats is more difficult.

The programme also does not protect against insider threats or employees who deliberately leak material. Nor will it protect a network from penetration by hackers who have compromised security software, enabling them to log in as if they were legitimate users.