NSA Director Says U.S. Has a Duty to Secure the Internet

WASHINGTON, D.C.–The United States has a responsibility to take a leadership role in securing the Internet against both internal and external attackers, a duty that the federal government takes very seriously, the country’s top military cybersecurity official said Tuesday. However, Gen. Keith Alexander, director of the National Security Agency and commander of the U.S. Cyber Command, provided virtually nothing in the way of details of how the government intends to accomplish this rather daunting task.

WASHINGTON, D.C.–The United States has a responsibility to take a leadership role in securing the Internet against both internal and external attackers, a duty that the federal government takes very seriously, the country’s top military cybersecurity official said Tuesday. However, Gen. Keith Alexander, director of the National Security Agency and commander of the U.S. Cyber Command, provided virtually nothing in the way of details of how the government intends to accomplish this rather daunting task.

In a speech at the Gov 2.0 Summit here, Alexander said that it is incumbent upon the U.S. government to play a major role in making both the public Internet and private, classified networks more secure and resilient to attack. He expressed confidence that the country’s information security apparatus was up to the task, but acknowledged the difficulty of securing the Internet, a network that many security experts see as hopelessly broken and flawed by design.

“We made the Internet and it seems to me that we ought to be the first folks to get out there and protect it,” Alexander said. “The challenge before us is large and daunting. But we have an obligation to meet it head-on.”

Many security and privacy experts have been critical of the efforts of both the Bush and Obama administrations’ cybersecurity efforts, especially in the way that the federal government approaches data sharing with private-sector organizations. The government also has come under fire for attempting to tell companies how to improve their security while suffering a slew of embarrassing intrusions on its own public and classified networks. The most well-known of these attacks is the compromise of a classified Department of Defense network through an infected USB drive in 2008.

It’s unlikely that any of Alexander’s comments Tuesday will do much to quiet those criticisms. Speaking mostly in generalities, Alexander emphasized the administration’s commitment to the Comprehensive National Cybersecurity Initiative, a plan developed by the Bush administration and recently partially de-classified by Obama administration officials. The strategy comprises a number of fairly basic components, such as intrusion detection and prevention and reducing the number of connections the government has to the Internet, that have been included in previous national security strategy plans.

While the CNCI has been called overly broad and basic, Alexander said that the government remains committed to implementing it and that the plan is a vital part of the administration’s efforts to better secure the country’s sensitive data. The NSA director also revealed that the Department of Defense’s networks see roughly 250,000 probes per hour.

“The Internet is fragile. Our economic and national security, privacy and civil liberties are fully dependent on the Internet,” he said. “It is critical we improve our security posture. The threats are real. Malicious actors a continent away can exploit our networks. They’re becoming better organized and sophisticated at exploiting weaknesses in our technologies.

“We must have a strategy to defend and deny and we must depend on cross-community expertise and teamwork,” Alexander said. “The CNCI must protect networks as a single entity and limit access to our sensitive data. We must do a better job at protecting our classified networks.”

Alexander also said that the NSA and other government agencies involved in information security efforts are working hard to respect the rights and civil liberties of citizens while going about their duties.

“Our citizens take a lot of interest in the government’s activities in this area, and I have an obligation to the law and the American people to ensure everything we do preserves and protects their rights while protecting our interests,” he said. “That’s an obligation that’s never compromised.”

Home page image via oreillyconf‘s Flickr photostream.

Suggested articles

Discussion

  • Dr. Zilman on

    Anybody have any good ideas about securing IPv6? Are there any good FAQs out there? Thanks in advance.
  • Anonymous on

    why only USA? are better than?

    hypocrisy

  • Anonymous on

    Privacy is a necessary thing and has been upheld by US courts.

    How about a mechanism where only authorized people can access the net but that access is anonymous.  This could even include the ability to lock someone out of the net.  Actually identifying an individual should require cooperation between several completely seperate organizations that each hold part of the key.

     

  • Anonymous on

    The internet was designed by DARPA - the Research & Development part of the US Department of Defense. Unfortunately, it was never intended to be what it has become today and is seriously lacking in security - security was an afterthought rather than a part of the basic design. The underlying design of the 'net and TCP/IP are highly resistant to the control needed to make it secure. We're stuck with what we've got - and that's both good and bad.
  • Anonymous on

      Quit telling people what to do....You are in existence to secure the borders and stimulate the economy ...not to be in the middle of every part of every U.S. citizen's life...Only my wife tells me what to do so unless you're going to hit your knees keep out of my business

  • Anonymous on

    Please leave the internet alone!  It is not the US and the US does not need to control it!  Stay out of it and give everyone net neutrality.  If the government steps in and sells out again to big corporations it will ruin everything I thought was America - freedom.

  • Anonymous on

    Summary: Why should only China have a great firewall, we can also enforce some fascist "moral" standards on our population. Fortunately the Internet was designed to work around single points of failure. It's the heart and soul of the Internet that any two hosts should be able to communicate, no matter what any other host elsewhere is doing. That's wonderful and makes a single censorship bureau (security? come on, bring on some better smokescreen to laugh at) quite ineffective.
  • Axiomatic on

    Dear NSA,

    You can start with Nigerian Bank scams and our own US Politicians using personal email for sensitive Govt. emails. Now get to work. That should keep you busy till at least 2075.

  • Anonymous on

    "securing the Internet against both internal and external attackers" ... sounds to me like we're going to make the internets a "private" network...

  • Anonymous on

    But who will watch the watchmen.....

  • Anonymous on

    Ha. NSA are the sig-int (signals intelligence) guys, who read the other guy's mail. They didn't want a secure system, so they should be in paradise now. They should have realized an  insecure internet could bring the war (i.e., loss of sovereignty) directly to them.

  • JV2K on

    "Alexander also said that the NSA and other government agencies involved in information security efforts are working hard to respect the rights and civil liberties of citizens while going about their duties."  

    Now that's a damn lie.  We all know better, don't we General Al?

    Some of us know better than others just how much of a lie it is.

     

     

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.