The National Security Agency will not retreat from aggressively pursuing terrorists and other criminals attempting to bring down the country’s critical infrastructure, infiltrate and steal intellectual property and do harm to the United States and its allies, said former NSA director general Keith Alexander (Ret.).
Alexander surprised hundreds of network security experts and other IT security professionals by taking the stage on Wednesday to address them at the Palo Alto Networks Ignite user conference.
Speaking for the first time since retiring from his 39-year career in the US Army on 28 March, he called on government officials, legislators and experts in the technology industry must work together to find ways to protect civil liberties and privacy while maintaining the measures in place to secure the country.
“We’re not going to go back,” Alexander said. “This is too good for mankind what we have created in these networks. We’re going to move forward.”
Vice admiral Mike Rogers, a longtime cryptologist, was nominated by President Obama in January to assume the leadership role at the NSA.
If his appointment gets Senate confirmation, he will also head the US Cyber Command. President Obama also recently unveiled a proposal to end the agency's collection of records of phone call metadata under the government's PRISM program, one of the first and most visible revelations from the leaked documents.
The former NSA chief said his greatest fear is a terrorist attack against the US or any of its allies as a result of the revelations from former agency contractor Edward Snowden revealed details about the government's wide-scale surveillance operations.
Americans don’t have all the facts about the processes behind the NSA's surveillance operation, Alexander said. The NSA has more oversight than any other government agency to ensure the privacy protection of both US citizens and foreigners, he said.
Americans don’t have all the facts about the processes behind the NSA's surveillance operation, Alexander said. The NSA has more oversight than any other government agency to ensure the privacy protection of both U.S. citizens and foreigners, he added.
"For our country, it will take several years for people to really get all the facts on the table here," Alexander said. "We have to help people understand that there is difference between searching for malicious software and physically reading emails."
Alexander said he envisions the government taking steps to create a more secure network or "secure world" that citizens would connect to for banking, interaction with public agencies and other sensitive transactions. Measures would be in place to verify the authenticity of those connecting to it. A separate but "not so secure world" could still freely be accessed to perform less-sensitive activities without the added oversight and controls, Alexander said.
Alexander said Snowden's ability to remove the documents highlighted a series of operational failures of critical proportions to the agency. Snowden figured out ways around the agency's safeguards regarding contractors, he said. There have been 42 changes in how the agency manages supervising authority of the network, he said. The revelations are impacting the cloud services market for U.S. technology providers doing business abroad, Alexander said.
He called on those in attendance to share their knowledge about IT security and support ways to strengthen threat intelligence sharing with the government and private sector businesses. Legislators and government officials need help in structuring rules and regulations to protect servers containing sensitive data or systems supporting critical infrastructure.
"They do not technically understand these issues to level that you folks do here," Alexander said. "They are trying to create laws and policy based on their understanding and not a technical understanding, and that creates a series of problems and issues."
Alexander referred several times to a Huffington Post column by Geoffrey Stone, a civil libertarian and member of the National Advisory Council of the ACLU. Stone, a member of President Obama's NSA Review Group, said he had deep respect for the NSA and its people who were doing their job under the system set up after 9/11. He said the agency should not have had all the authority it was given.
"Not only did I find that the NSA had helped to thwart numerous terrorist plots against the United States and its allies in the years since 9/11, but I also found that it is an organization that operates with a high degree of integrity and a deep commitment to the rule of law," Stone wrote. "…in no instance was the NSA implementing a program that was so clearly illegal or unconstitutional that it would have been justified in refusing to perform the functions assigned to it by Congress, the President, and the Judiciary.
The last time Alexander spoke to IT security professionals was last July at the Black Hat Conference in Las Vegas where his keynote was interrupted several times by attendees. The tenor of the audience at the networking security conference on Wednesday was much more accepting of the former general's service, with a hundred or so attendees giving him a standing ovation.
PUBLISHED APRIL 2, 2014